booking.greif.it/
135.125.240.140302 Found 0 B IP 135.125.240.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: booking.greif.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
content-length: 0
location: https://booking.greif.it/
cache-control: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7751
Expires: Tue, 06 Dec 2022 03:01:46 GMT
Date: Tue, 06 Dec 2022 00:52:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10242
Expires: Tue, 06 Dec 2022 03:43:17 GMT
Date: Tue, 06 Dec 2022 00:52:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XGoGfAoFfhVVPquI/GdJuEQFYvTBTiWXw05ZnQZ4gyv7vVhTfp76WcVXFrhv0eXFT2vFwPxNNe4=
x-amz-request-id: 6F66PH3853K6E2E7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 00:46:53 GMT
age: 342
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4220
Cache-Control: max-age=125344
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:35 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:41:39 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4220
Cache-Control: max-age=125344
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:35 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:41:39 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 00:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1935
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:52:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 2618
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons-extended.00ff8422.ttf
54.230.245.206200 OK 94 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons-extended.00ff8422.ttf
IP 54.230.245.206:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 439b52438c772a69ba68cddd45b0ba56
acc851fc76bade985719ddd6b688e184f1096121
fd15c1d08eecfa3bebd1c8a1e28836de2f04036509f7ee65e1945cc0decd725d
GET /_next/static/media/bf-icons-extended.00ff8422.ttf HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://d2jtzd336hs8un.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 93868
date: Tue, 15 Nov 2022 13:37:21 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: "62711ef1-16eac"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MhDR9jdoxfY2TnfkeQjZrGyVm9l-5Z4WeHNkBWn2tdAGwAMALRHKyg==
age: 1768515
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/static/themes/default/assets/fonts/icons.woff
54.230.245.206200 OK 50 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/static/themes/default/assets/fonts/icons.woff
IP 54.230.245.206:0
File type Web Open Font Format, TrueType, length 50524, version 1.0\012- data
Hash faff92145777a3cbaf8e7367b4807987
9c293328f39dc54bd654d273d0cc5af0d11905c6
95b6a4840f8711ecab427bc236eb86098db7e5c782bafb139c8c30805aa5ffe1
GET /static/themes/default/assets/fonts/icons.woff HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://d2jtzd336hs8un.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 50524
date: Mon, 05 Dec 2022 06:21:15 GMT
last-modified: Tue, 03 May 2022 12:34:48 GMT
etag: "62712168-c55c"
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -xfmvfY1zbMgayNd7Oa-4UW-fYFwC4q-DpCMGUlX6cf8ecQV60KQSw==
age: 66681
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4223
Cache-Control: max-age=120279
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:36 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:17:15 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons.3014e895.ttf
54.230.245.206200 OK 156 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons.3014e895.ttf
IP 54.230.245.206:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size 156 kB (156184 bytes)
Hash e457529d073c28d569d2808199a9bffe
689f15a06422982cc641b6406abb13db284a9ab1
6004f0b7111e09c8acdae325b3e75d38f965d89d6321df8811dabaf44d76d5df
GET /_next/static/media/bf-icons.3014e895.ttf HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://d2jtzd336hs8un.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 156184
date: Tue, 15 Nov 2022 13:37:21 GMT
last-modified: Tue, 03 May 2022 12:34:30 GMT
etag: "62712156-26218"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1BqnUt-5cZVJ5yMVupEa0gCpxtMQUaxyFsVVPFcvBUCCM5w0nUAUlg==
age: 1768515
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/static/bf-icons-extended.ttf
54.230.245.206200 OK 94 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/static/bf-icons-extended.ttf
IP 54.230.245.206:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 439b52438c772a69ba68cddd45b0ba56
acc851fc76bade985719ddd6b688e184f1096121
fd15c1d08eecfa3bebd1c8a1e28836de2f04036509f7ee65e1945cc0decd725d
GET /static/bf-icons-extended.ttf HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://d2jtzd336hs8un.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 93868
last-modified: Tue, 03 May 2022 12:34:48 GMT
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=15768000
date: Mon, 05 Dec 2022 14:12:56 GMT
etag: "62712168-16eac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qTjJ3K500juD4Vn0RtZzuwSD_m08CMTEXSupVZuNni0IwSyFhYz3Gg==
age: 38380
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K3VT895
142.250.74.168200 OK 58 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K3VT895
IP 142.250.74.168:0
File type ASCII text, with very long lines (31869)
Hash cb67e7c7fd27acf4df539ba638ebd372
dc62f165051177a1611ebb33de15895e2aafec78
2e192317e4a11b8bbdb2c5cfab56122cac5096598f3e244a0901718c73fe018d
GET /gtm.js?id=GTM-K3VT895 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 00:52:36 GMT
expires: Tue, 06 Dec 2022 00:52:36 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.seekda.com/assets/fonts/google/taviraj-v11-latin-regular.woff2
135.125.240.147200 OK 22 kB URL HTTP/2 static.seekda.com/assets/fonts/google/taviraj-v11-latin-regular.woff2
IP 135.125.240.147:0
File type Web Open Font Format (Version 2), TrueType, length 22244, version 1.0\012- data
Hash d0c1a927dcd0c9815679fc072b69d31f
bf8d01fd1180e11dbd6427a6a9d55c3e56ef2eb2
88866a75f72c7c8692a0bd39047f73bf1869ad5bb6bb032c0804001b0bf34142
GET /assets/fonts/google/taviraj-v11-latin-regular.woff2 HTTP/1.1
Host: static.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:52:36 GMT
content-type: font/woff2
content-length: 22244
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://booking.greif.it
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
content-security-policy: block-all-mixed-content
etag: "d0c1a927dcd0c9815679fc072b69d31f"
last-modified: Wed, 23 Nov 2022 09:00:36 GMT
no-gzip-compression: true
vary: Origin, Accept-Encoding
x-amz-replication-status: COMPLETED
x-amz-request-id: 172E0E0BF83A7A78
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: e842cd07-131d-41a5-917d-781c0e692f4e
strict-transport-security: max-age=15768000
server: Kognitiv
set-cookie: WEIU3SASDIO=5e35dcc058629f0; path=/; HttpOnly; Secure; SameSite=none
cache-control: max-age=43200, private
X-Firefox-Spdy: h2
static.seekda.com/assets/fonts/google/taviraj-v11-latin-700.woff2
135.125.240.147200 OK 22 kB URL HTTP/2 static.seekda.com/assets/fonts/google/taviraj-v11-latin-700.woff2
IP 135.125.240.147:0
File type Web Open Font Format (Version 2), TrueType, length 22412, version 1.0\012- data
Hash f0cb1b3d85b08f5b91acf880770885df
0e274a3d78a3c631031798a989f41e0438aa7a61
ebc652a494bedff73bb21ff9d2833441586b792e29f0bafa8081d562233cbb5d
GET /assets/fonts/google/taviraj-v11-latin-700.woff2 HTTP/1.1
Host: static.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:52:36 GMT
content-type: font/woff2
content-length: 22412
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://booking.greif.it
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
content-security-policy: block-all-mixed-content
etag: "f0cb1b3d85b08f5b91acf880770885df"
last-modified: Wed, 23 Nov 2022 09:00:36 GMT
no-gzip-compression: true
vary: Origin, Accept-Encoding
x-amz-replication-status: COMPLETED
x-amz-request-id: 172E0E0BF890AADD
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: 08af64d6-702c-4a99-912c-9c3ebaec6d81
strict-transport-security: max-age=15768000
server: Kognitiv
set-cookie: WEIU3SASDIO=5e586ba66df10c0; path=/; HttpOnly; Secure; SameSite=none
cache-control: max-age=43200, private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.216.88.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.88.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RZd1E+wCjZaseWyZDk7zxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eJiQVagfzvxTZMchCGUIJ+YA4iU=
res.cloudinary.com/seekda/image/upload/w_1920,ar_3.0,c_fill,f_auto,fl_lossy,q_auto/v1625478647/production/IT_BOZEN_GREIF/_211_MA_MAYR_02.jpg
151.101.129.137200 OK 94 kB URL HTTP/2 res.cloudinary.com/seekda/image/upload/w_1920,ar_3.0,c_fill,f_auto,fl_lossy,q_auto/v1625478647/production/IT_BOZEN_GREIF/_211_MA_MAYR_02.jpg
IP 151.101.129.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 831f07dfd11dbe464216dccfec24ae8d
d7d0d996345472178b4381ec33ad912b699587cf
64181d480003aa1cac3020303ef0bb92387178f388dfd90a6ac20f42d5098367
GET /seekda/image/upload/w_1920,ar_3.0,c_fill,f_auto,fl_lossy,q_auto/v1625478647/production/IT_BOZEN_GREIF/_211_MA_MAYR_02.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="_211_MA_MAYR_02.webp"
content-type: image/webp
etag: "831f07dfd11dbe464216dccfec24ae8d"
last-modified: Mon, 05 Jul 2021 12:18:34 GMT
date: Tue, 06 Dec 2022 00:52:36 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=169;cpu=1;start=2022-12-06T00:52:36.775Z;desc=miss,rtt;dur=13,cloudinary;dur=74;start=2022-12-06T00:52:36.823Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 93820
X-Firefox-Spdy: h2
res.cloudinary.com/seekda/image/upload/w_192,h_192,c_fill/v1625484710/production/IT_BOZEN_GREIF/Greif_Favicon_96x96.png
151.101.129.137200 OK 9.3 kB URL HTTP/2 res.cloudinary.com/seekda/image/upload/w_192,h_192,c_fill/v1625484710/production/IT_BOZEN_GREIF/Greif_Favicon_96x96.png
IP 151.101.129.137:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 05daa1b49a74502ba08712f2fd1580b0
64acc188872e618d2ab0d52488829251b4230cec
3c146c87751e9208a43298431bddd93a6a917016537dac52e97e0b07cb9c9144
GET /seekda/image/upload/w_192,h_192,c_fill/v1625484710/production/IT_BOZEN_GREIF/Greif_Favicon_96x96.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "05daa1b49a74502ba08712f2fd1580b0"
last-modified: Mon, 05 Jul 2021 12:36:03 GMT
date: Tue, 06 Dec 2022 00:52:37 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2022-12-06T00:52:37.064Z;desc=hit,rtt;dur=9
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 9263
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1eff7e01ef0aa6e1e88129b837ce5385
708844087e420d43d6b6cd94621f8d1d35036d44
28af039f41bd6a4f062c0d9e35f8438aaab63de8ea211d4801be0b1d44ee5269
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5511
Cache-Control: max-age=123355
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:37 GMT
Etag: "638dbba9-1d7"
Expires: Wed, 07 Dec 2022 11:08:32 GMT
Last-Modified: Mon, 05 Dec 2022 09:36:41 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
static.seekda.com/widgets/tracking-api/js/tracking-api.min.js?R9f343f5a1880f9815284e9ef9423a193ba6976d2
135.125.240.147200 OK 25 kB URL HTTP/2 static.seekda.com/widgets/tracking-api/js/tracking-api.min.js?R9f343f5a1880f9815284e9ef9423a193ba6976d2
IP 135.125.240.147:0
Hash d4d1e15824e9943c16705ec2ad0035ce
76c78fc43c5d66a631d56b87e2ba885cebde6c34
873621498499c2a9bfeb01b57cb4b3790421fabe2df3d961beb66926af9faa5c
GET /widgets/tracking-api/js/tracking-api.min.js?R9f343f5a1880f9815284e9ef9423a193ba6976d2 HTTP/1.1
Host: static.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:52:37 GMT
content-type: application/javascript
content-security-policy: block-all-mixed-content
etag: W/"3868633285d5ac63f9bd0ba84f051796"
last-modified: Thu, 13 Oct 2022 12:11:40 GMT
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-replication-status: COMPLETED
x-amz-request-id: 172E0E0C1DC767CB
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: 01da0275-ff14-45b1-acdb-50ac57ea90aa
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Kognitiv
set-cookie: WEIU3SASDIO=5e586ba66df10c0; path=/; HttpOnly; Secure; SameSite=none
cache-control: max-age=43200, private
X-Firefox-Spdy: h2
static.sojern.com/utils/sjrn_autocx.js
35.244.188.9200 OK 5.7 kB URL HTTP/2 static.sojern.com/utils/sjrn_autocx.js
IP 35.244.188.9:0
File type ASCII text, with very long lines (452), with CRLF line terminators
Hash 678919a5ae4d9dff301b50a9a127783f
2b0e2f56c61bfbe161f3561f34887bea3fac4636
e8cae9236b198dae1d1430a4fa1a4a71c39b00567ac9ffa3d593ba9e07037170
GET /utils/sjrn_autocx.js HTTP/1.1
Host: static.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduZwOBQtBV04dNc-MPvZzt8E2bTrNK1Y9AOPhFBlaqb6JwK5cGEijsEG5p9PjfyFo4J91IiQtXHuhdCfjFpiOkB3w
x-goog-generation: 1669119938578616
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5668
x-goog-hash: crc32c=T/rddQ==, md5=Z4kZpa5Nnf8wG1CpoSd4Pw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 5668
server: UploadServer
date: Tue, 06 Dec 2022 00:06:22 GMT
expires: Tue, 06 Dec 2022 01:06:22 GMT
cache-control: public, max-age=3600
age: 2775
last-modified: Tue, 22 Nov 2022 12:25:38 GMT
etag: "678919a5ae4d9dff301b50a9a127783f"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1eff7e01ef0aa6e1e88129b837ce5385
708844087e420d43d6b6cd94621f8d1d35036d44
28af039f41bd6a4f062c0d9e35f8438aaab63de8ea211d4801be0b1d44ee5269
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5511
Cache-Control: max-age=123355
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:37 GMT
Etag: "638dbba9-1d7"
Expires: Wed, 07 Dec 2022 11:08:32 GMT
Last-Modified: Mon, 05 Dec 2022 09:36:41 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4
54.230.245.206200 OK 3.6 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4
IP 54.230.245.206:0
Hash 8666a87fb7a014bacae05270f978e410
c9c0f98a814edd77b8392fb9198619ca2acb370e
64231892ffe9c3e2279ef0c0ee645e89bd31b239a2cfb71b1f9ca45f494dfb01
GET /static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4 HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 03 May 2022 12:24:30 GMT
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
date: Mon, 05 Dec 2022 11:08:36 GMT
etag: W/"62711efe-4a0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TxALiQ1QvFy-sqeRTZ7r9yaQDC4i8gcwpX77ZCI49befdw599Dx3xQ==
age: 49439
X-Firefox-Spdy: h2
hbe-api.kognitiv.com/offers
135.125.240.149200 OK 9.9 kB URL HTTP/2 hbe-api.kognitiv.com/offers
IP 135.125.240.149:0
Hash 4f9437124e0b0be1720a1e334e4e58d6
4ac90aa973728bc7b6c0383706b89e2f58b5397b
7e4475509ffa1e61d3e2d63e66250b93c34911621491d37d11f1ee68ff97ff59
POST /offers HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 575
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.greif.it
vary: Origin, Accept-Encoding
content-encoding: gzip
date: Tue, 06 Dec 2022 00:52:37 GMT
etag: W/"6356-ygoLgQbrjUT5u4MfE8Tz9u82ixE"
set-cookie: MGLH51CKJDVB=VEI1698VEKLN9; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/pageReady?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/pageReady?
IP 135.125.240.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/ibe/pageReady? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.greif.it/
Origin: https://booking.greif.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Tue, 06 Dec 2022 00:52:37 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/_app-064f454970a46d93.js
54.230.245.206200 OK 467 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/_app-064f454970a46d93.js
IP 54.230.245.206:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 467 kB (466689 bytes)
Hash da45c558aefb369f5448e6559b8167ec
fa5d2d16410884a527b803c38e1eca1ac8009413
19936b8bfc5ab81ce9c288e8aff5373dfc5ca3026508a1565ecb67903d37a229
GET /_next/static/chunks/pages/_app-064f454970a46d93.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-1b79e9"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zm_9iDgQAXXZFL2msO34WgrnZMeXyVbPKmfx2k2n6RD_-umkrWWjEg==
age: 637490
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/viewOffers?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/viewOffers?
IP 135.125.240.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/ibe/viewOffers? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.greif.it/
Origin: https://booking.greif.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Tue, 06 Dec 2022 00:52:37 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/searchBoxInit?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/searchBoxInit?
IP 135.125.240.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/ibe/searchBoxInit? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.greif.it/
Origin: https://booking.greif.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Tue, 06 Dec 2022 00:52:36 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=cheiG8ch; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/viewTrustYouBadge?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/viewTrustYouBadge?
IP 135.125.240.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/ibe/viewTrustYouBadge? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.greif.it/
Origin: https://booking.greif.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Tue, 06 Dec 2022 00:52:37 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7642
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 00:52:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2409529ecac5140de749d864da85af0d
99f431b4ca446996dbacb969440e2ecfb11fd9e0
81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 6d0cc220-31bc-4815-ade5-7e3e5403f39f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cniYTGgRoAMF5lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c7dce-64fbea8330a62e4f741c0c4e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 11:00:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N7fC93hYwpQYwGJGvXGHf2Z-H0Ek0MvRQsvT1HJy5Q46BnLNGjidSQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:35:32 GMT
age: 62225
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e953213b7b13b8ee202406147fac52
67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 9789
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hbe-api.kognitiv.com/channels/ibe/properties/IT_BOZEN_GREIF/offers-overview
135.125.240.149200 OK 9.4 kB URL HTTP/2 hbe-api.kognitiv.com/channels/ibe/properties/IT_BOZEN_GREIF/offers-overview
IP 135.125.240.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
OPTIONS /channels/ibe/properties/IT_BOZEN_GREIF/offers-overview HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://booking.greif.it/
Origin: https://booking.greif.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.greif.it
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
date: Tue, 06 Dec 2022 00:52:37 GMT
set-cookie: MGLH51CKJDVB=VEI1698VEKLN9; path=/; HttpOnly; Secure
cache-control: private
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/webpack-af0fc1fb1b57cb39.js
54.230.245.206200 OK 9.5 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/webpack-af0fc1fb1b57cb39.js
IP 54.230.245.206:0
Hash 65b95831bad8718d0aea10e92181cb97
0be3a8b5690a2a89e458959a2761c69bef530e91
90efbd84ef4899819195e3145544fedb83fa553dfe0bfd2a9cb27b6922b57a9c
GET /_next/static/chunks/webpack-af0fc1fb1b57cb39.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:34:30 GMT
etag: W/"62712156-7ce"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iTykV6MmiE8OG0-fNoNideziAeKxWZ0Yu74_UZmBOo2vKlnvjO5aZA==
age: 1768712
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53afd826523f4c18bf968764818d7ca7
9a26884875abb0652c568c50438b65f801779f9a
4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:20 GMT
age: 10697
etag: "9a26884875abb0652c568c50438b65f801779f9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/IT_BOZEN_GREIF/Comfort_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy.jpg
151.101.129.137200 OK 13 kB URL HTTP/2 res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/IT_BOZEN_GREIF/Comfort_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy.jpg
IP 151.101.129.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 768x432, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c47442f89796f76c6c245da33142e12c
015fcda2bf17bcf494a74a3b55d07952cbc5465c
9c968c0ea049fc537bc71d3dd8ff12f3e09833bbc0305343cf359cce9de0a32d
GET /seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/IT_BOZEN_GREIF/Comfort_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Comfort_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy.webp"
content-type: image/webp
etag: "c47442f89796f76c6c245da33142e12c"
last-modified: Thu, 10 Sep 2020 15:47:26 GMT
date: Tue, 06 Dec 2022 00:52:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=153;cpu=0;start=2022-12-06T00:52:37.719Z;desc=miss,rtt;dur=9,cloudinary;dur=59;start=2022-12-06T00:52:37.765Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 13312
X-Firefox-Spdy: h2
res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/IT_BOZEN_GREIF/Superior_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy_2.jpg
151.101.129.137200 OK 26 kB URL HTTP/2 res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/IT_BOZEN_GREIF/Superior_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy_2.jpg
IP 151.101.129.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 768x432, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e40c5b4523e4febd19e0b5e216b8c1be
c2a1d2550d5dd4c1c3a8014a205340f1ce3b9db4
175d8af5aa83f34331629f57d61e6c2f5da65d90a0903b46300304a00333d93a
GET /seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/IT_BOZEN_GREIF/Superior_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy_2.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Superior_Double_Room_Hotel_Greif_Bolzano_Bozen_AltoAdige_Suedtirol_Italy_2.webp"
content-type: image/webp
etag: "e40c5b4523e4febd19e0b5e216b8c1be"
last-modified: Sat, 05 Jun 2021 08:25:51 GMT
date: Tue, 06 Dec 2022 00:52:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=148;cpu=0;start=2022-12-06T00:52:37.728Z;desc=miss,rtt;dur=9,cloudinary;dur=55;start=2022-12-06T00:52:37.774Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 25796
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd0fdca9dfb3e18fcbb5c89e12922da7
d8acf7053a01df2c503c734d52070ff4802d5a01
61e6235613c8ecda0321ecbe0870419bfa65cf3e44e3b85acd257f78725a6843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8978
x-amzn-requestid: 59cc852a-eb8c-45ab-a370-a176bffea0ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cqSrJGoaoAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d97e0-3760c58b6d2b7a6561541201;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 07:04:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7JodQ_7rkuySzNZtj0cThOwMxYT0BLrVbtivk6G_aWwEzbPk_5QcWA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:12:14 GMT
age: 63623
etag: "d8acf7053a01df2c503c734d52070ff4802d5a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 295dda262db853462ad981446bf1072a
1ee82052a82f0136013a09558fe41661223c7db3
706f5dfa12ede7846186a4a825d13ba266644894d9bf1b9c8751a1435875c9ef
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Dec 2022 00:52:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 19:45:32 GMT
Expires: Tue, 06 Dec 2022 19:45:32 GMT
ETag: "1ee82052a82f0136013a09558fe41661223c7db3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/main-1f7489bfb2b58832.js
54.230.245.206200 OK 45 kB URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/main-1f7489bfb2b58832.js
IP 54.230.245.206:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e71af822dd463fd63067f9f87d5076de
261fca6cd87c0ed9732a2688bb1847cf8fc81a2b
cf4c7a2e5795a43818dc1f403c1a976b893563b10c2c902b3b10b59e19c4930f
GET /_next/static/chunks/main-1f7489bfb2b58832.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 27 Sep 2022 13:45:30 GMT
etag: W/"6332fe7a-23bda"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gbkQtMLl5bkCcVExU_2WqXpHCHMcPoyVJ-T_S-liKmfwdNmaXbCouA==
age: 1768712
X-Firefox-Spdy: h2
booking.greif.it/static/trust-you-bubbles.svg
135.125.240.140200 OK 368 B URL HTTP/2 booking.greif.it/static/trust-you-bubbles.svg
IP 135.125.240.140:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash b790689f40532c460fdf8ae0fd23ae53
8ebf475e7ee62602d34c656f6297201cc39fbc5c
fa446de041d2ad8712d9517fd0042b15e74886046b591a999d70e9815133cc0b
Analyzer Verdict Alert fortinet Phishing
GET /static/trust-you-bubbles.svg HTTP/1.1
Host: booking.greif.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/?activeBookingEngine=KBE&propertyCode=IT_BOZEN_GREIF&skd-checkin=2022-12-06&skd-checkout=2022-12-07&skd-property-code=IT_BOZEN_GREIF
Cookie: BF_QUERYPARAMS={%22skd-checkin%22:%222022-12-06%22%2C%22skd-checkout%22:%222022-12-07%22%2C%22skd-property-code%22:%22IT_BOZEN_GREIF%22}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:52:38 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 03 May 2022 12:24:30 GMT
etag: "62711efe-170"
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
beacon.sojern.com/pixel/p/242425?f_v=v6_js&p_v=1&id=242425&cid=&f_v=v6_js&p_v=1&version=2&ws=1280x939&hd1=2022-12-06&hd2=2022-12-07&hc1=Bolzano&hs1=IT&hn1=Italy&hpr=Hotel%20Grief&hr=1&t=2&hcu=EUR&vid=hot&et=hc&domain=https%3A%2F%2Fbooking.greif.it%2F%3FactiveBookingEngine%3DKBE%26propertyCode%3DIT_BOZEN_GREIF%26skd-checkin%3D2022-12-06%26skd-checkout%3D2022-12-07%26skd-property-code%3DIT_BOZEN_GREIF&s=ccid_auto&ccid=hw2t6-mwfjb-7g2sm-0bmau-ndk4l
107.178.244.119200 OK 1.6 kB URL HTTP/2 beacon.sojern.com/pixel/p/242425?f_v=v6_js&p_v=1&id=242425&cid=&f_v=v6_js&p_v=1&version=2&ws=1280x939&hd1=2022-12-06&hd2=2022-12-07&hc1=Bolzano&hs1=IT&hn1=Italy&hpr=Hotel%20Grief&hr=1&t=2&hcu=EUR&vid=hot&et=hc&domain=https%3A%2F%2Fbooking.greif.it%2F%3FactiveBookingEngine%3DKBE%26propertyCode%3DIT_BOZEN_GREIF%26skd-checkin%3D2022-12-06%26skd-checkout%3D2022-12-07%26skd-property-code%3DIT_BOZEN_GREIF&s=ccid_auto&ccid=hw2t6-mwfjb-7g2sm-0bmau-ndk4l
IP 107.178.244.119:0
File type ASCII text, with very long lines (535)
Hash fee861348a355c612e99512e1668a9b5
fd87cb8c8e2e694f8df8493f50ce4293f1057a46
84f1318ff751ed5c79619401b73127e818472dfc8a4299f8b847f014d2fc120a
GET /pixel/p/242425?f_v=v6_js&p_v=1&id=242425&cid=&f_v=v6_js&p_v=1&version=2&ws=1280x939&hd1=2022-12-06&hd2=2022-12-07&hc1=Bolzano&hs1=IT&hn1=Italy&hpr=Hotel%20Grief&hr=1&t=2&hcu=EUR&vid=hot&et=hc&domain=https%3A%2F%2Fbooking.greif.it%2F%3FactiveBookingEngine%3DKBE%26propertyCode%3DIT_BOZEN_GREIF%26skd-checkin%3D2022-12-06%26skd-checkout%3D2022-12-07%26skd-property-code%3DIT_BOZEN_GREIF&s=ccid_auto&ccid=hw2t6-mwfjb-7g2sm-0bmau-ndk4l HTTP/1.1
Host: beacon.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
set-cookie: cid=47a3bc19-9ba5-349c-b09e-f472b1884cdf#1670889600000; Path=/; Domain=sojern.com; Max-Age=31536000; Secure; SameSite=None
dc-adv=%5B%7B%22dc%22%3A%22Bolzano%22%2C%22dr%22%3A%221%22%2C%22dt%22%3A%222022-12-06%22%2C%22et%22%3A%22hc%22%2C%22nt%22%3A%222%22%2C%22pn%22%3A%22Hotel+Grief%22%2C%22rt%22%3A%222022-12-07%22%7D%5D; Path=/; Domain=sojern.com; Max-Age=31536000; Secure; SameSite=None
vary: Accept-Encoding
date: Tue, 06 Dec 2022 00:52:38 GMT
content-length: 1641
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3753
Cache-Control: max-age=138531
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:21:29 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Z68x1/7K8KdGs+JSgIcxbf3i6sa3//A1fcThpianYIwgb5ebybGyLPYarpK8cNLePGIZsISJeceXDbnszhei6g==
content-length: 27340
x-fb-trip-id: 1679558926
date: Tue, 06 Dec 2022 00:52:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=0DAF8DCDD40567F634F09FBFD5526637; domain=.bing.com; expires=Sun, 31-Dec-2023 00:52:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3EF350924434C61A486AD77FB44E948 Ref B: OSL30EDGE0311 Ref C: 2022-12-06T00:52:38Z
date: Tue, 06 Dec 2022 00:52:37 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 7acb86d963c08c691edc30744be648af
d2d8b763b4036d65307734326842c4525b669c0e
8335a709980e10a78417c43375de9f2eea916c8b16687f79cfb28267beee6323
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 00:52:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 09 Dec 2022 21:51:50 GMT
ETag: "d2d8b763b4036d65307734326842c4525b669c0e"
Last-Modified: Mon, 05 Dec 2022 21:51:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2373
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77510a3c0ce70afe-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3753
Cache-Control: max-age=138531
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:21:29 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ad.doubleclick.net/ddm/activity/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 01:07:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern_adh
142.250.74.162302 Found 305 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern_adh
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8c00f2ed33a8564f178764a9db99fe2f
af383e63c6c74b16a075bcaa24753a4592363105
51d6e0c8415f054b082587487542c87a35ab67fe48de677df8c42c070f67d123
GET /pixel?google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern_adh HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern_adh&google_tc=
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 305
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 01:07:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbe-api.kognitiv.com/unavailable-days
135.125.240.149200 OK 154 B URL HTTP/2 hbe-api.kognitiv.com/unavailable-days
IP 135.125.240.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b20c989b832382394206ab7923b0d8e3
df927406a8d2c0ec23b9ac3314f4cd7a6d6ab01c
eba83218a09d42c9e84b9990fed9ffe6ba7757b216c17982d7e8e3e342f88ea8
POST /unavailable-days HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 68
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.greif.it
vary: Accept-Encoding, Origin, Accept-Encoding
date: Tue, 06 Dec 2022 00:52:37 GMT
etag: W/"123-lMQek3q5yqzkwm4KwvUz1KBSHq0"
content-encoding: gzip
set-cookie: MGLH51CKJDVB=HBE7KSGFADL4; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=23524469&t=1
37.252.171.149307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=23524469&t=1
IP 37.252.171.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=23524469&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 06 Dec 2022 00:52:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23524469%26t%3D1
AN-X-Request-Uuid: dad98692-420d-4dfa-a74d-4b864d4e1844
Set-Cookie: uuid2=8047987184141245930; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 06-Mar-2023 00:52:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cm.g.doubleclick.net/pixel?google_cm=true&google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717
142.250.74.162302 Found 461 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_cm=true&google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a8fb144bb534dfea9075b5eb8f9475ed
a8b89bc6ec41987d60018ccf6c95093922025c9e
be459f677704aaf6d9fe875595d677b370e612c37ab13ce53ed74606afa1ed1b
GET /pixel?google_cm=true&google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717&google_tc=
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 461
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 01:07:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI
37.252.172.123307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 06 Dec 2022 00:52:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI
AN-X-Request-Uuid: 46376234-095d-46d4-b831-473ab767d449
Set-Cookie: uuid2=5680572471612374553; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 06-Mar-2023 00:52:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
googleads.g.doubleclick.net/pagead/viewthroughconversion/692741676/?random=1670287955570&cv=11&fst=1670287955570&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.66200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/692741676/?random=1670287955570&cv=11&fst=1670287955570&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (3155), with no line terminators
Hash 1a1ed06fb004bed8394ac19f6af4b93d
7a3cbe584d2447d0d9ee561f42c45321667c9c5e
d79f93c7c3cc090a751871cc53a6b6d7101659945e6582bd01e5d39a58805ba3
GET /pagead/viewthroughconversion/692741676/?random=1670287955570&cv=11&fst=1670287955570&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1201
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 01:07:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:52:38 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1365701%26t%3D1
37.252.171.149200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1365701%26t%3D1
IP 37.252.171.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1365701%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 06 Dec 2022 00:52:38 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 67b11912-f5f9-4811-a095-9ad3dee3887c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23524469%26t%3D1
37.252.171.149200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23524469%26t%3D1
IP 37.252.171.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D23524469%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 06 Dec 2022 00:52:38 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: e310f7a3-e377-4fcb-bede-367467745ed1
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVMoLlqP!]tbP6j2F-XstGt!@Dkd$ru^7; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 06-Mar-2023 00:52:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cm.g.doubleclick.net/pixel?google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern_adh&google_tc=
142.250.74.162302 Found 247 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern_adh&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6663c4e96572aa227be6da6b6c13cc8f
f502f1eb980f339b01f00bea96d61c1ed1fddf25
2047fa6b2f448fe92c1ba8527f3e3a549ab8ae35f7a7bd9ce380aba58134d759
GET /pixel?google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern_adh&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://pixel.sojern.com/idsync/adh?google_error=3
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=17164773&Ver=2&mid=4beb80a5-3325-4a75-8744-6e183ede718b&msclkid=N&ec=remarketing&ea=search&sw=1280&sh=1024&sc=24&evt=custom&ifm=1&rn=734456
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=17164773&Ver=2&mid=4beb80a5-3325-4a75-8744-6e183ede718b&msclkid=N&ec=remarketing&ea=search&sw=1280&sh=1024&sc=24&evt=custom&ifm=1&rn=734456
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=17164773&Ver=2&mid=4beb80a5-3325-4a75-8744-6e183ede718b&msclkid=N&ec=remarketing&ea=search&sw=1280&sh=1024&sc=24&evt=custom&ifm=1&rn=734456 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3E20F977552169462CFEEB0554766886; domain=.bing.com; expires=Sun, 31-Dec-2023 00:52:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E581F14EA8E14291A29943EE77E2C6A8 Ref B: OSL30EDGE0311 Ref C: 2022-12-06T00:52:38Z
date: Tue, 06 Dec 2022 00:52:37 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&fmt=3&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&ct_cookie_present=1
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&fmt=3&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&fmt=3&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 01:07:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=17164773&Ver=2&mid=4beb80a5-3325-4a75-8744-6e183ede718b&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Standard%20Pixel&p=https%3A%2F%2Fbooking.greif.it%2F&r=<=222&evt=pageLoad&ifm=1&sv=1&rn=318378
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=17164773&Ver=2&mid=4beb80a5-3325-4a75-8744-6e183ede718b&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Standard%20Pixel&p=https%3A%2F%2Fbooking.greif.it%2F&r=<=222&evt=pageLoad&ifm=1&sv=1&rn=318378
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=17164773&Ver=2&mid=4beb80a5-3325-4a75-8744-6e183ede718b&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Standard%20Pixel&p=https%3A%2F%2Fbooking.greif.it%2F&r=<=222&evt=pageLoad&ifm=1&sv=1&rn=318378 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1742B8502D31676136B9AA222C6666E1; domain=.bing.com; expires=Sun, 31-Dec-2023 00:52:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 975C8F475B9E4A179C1F3646BC73F3F3 Ref B: OSL30EDGE0311 Ref C: 2022-12-06T00:52:38Z
date: Tue, 06 Dec 2022 00:52:37 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.132302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.132:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_cm=true&google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717&google_tc=
142.250.74.162302 Found 370 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_cm=true&google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 92ba641618507138acecf232b31a441f
21e9884b78a5d978655be139ece7996d1369919f
f66d6ce5b416db7ee0269159d6d3cfab9ea67a1206c88fed1a6b8fd2cb43c32f
GET /pixel?google_cm=true&google_hm=R6O8GZulNJywnvRysYhM3w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI&sjrn_ula=878065717&google_error=3
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI
37.252.172.123302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 06 Dec 2022 00:52:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://pixel.sojern.com/idsync/apn?id=0&sjrn_id=0OOuRMV3zxDzHqH-OjDW21EPTiyVDxvAXty0RQ1UFHkQE3wO4h0B9WIptLOkqWYI
AN-X-Request-Uuid: a85a40b0-1208-4925-8509-5b356b02a6ec
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/692741676/?random=1670287955570&cv=11&fst=1670284800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733352763&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/692741676/?random=1670287955570&cv=11&fst=1670284800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733352763&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/692741676/?random=1670287955570&cv=11&fst=1670284800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733352763&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/17164773.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/17164773.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/17164773.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=298EE28418D9634600F4F0F6198E6271; domain=.bing.com; expires=Sun, 31-Dec-2023 00:52:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4D638A9BD5914CF2B9D50A993738F625 Ref B: OSL30EDGE0311 Ref C: 2022-12-06T00:52:38Z
date: Tue, 06 Dec 2022 00:52:38 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/
142.250.74.162302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/692741676/?random=1670287955570&cv=11&fst=1670284800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733352763&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/692741676/?random=1670287955570&cv=11&fst=1670284800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733352763&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/692741676/?random=1670287955570&cv=11&fst=1670284800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733352763&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/692741676/?random=1670287955586&cv=11&fst=1670287955586&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&label=kjq6CIDK9rQBEKzMqcoC&hn=www.google.com&frm=2&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot&ref=https%3A%2F%2Fbooking.greif.it%2F&tiba=Standard%20Pixel>m_ee=1&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:52:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/
142.250.74.162200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9762535;type=searc0;cat=hotel0;qty=1;cost=0;u1=;u4=2022-12-06;u5=2022-12-07;u10=Bolzano;u11=Italy;u12=1;u13=IT;u16=;u19=;u20=Hotel%2BGrief;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID;~oref=https://static.sojern.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:52:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apm-server.seekda.com/intake/v2/rum/events
135.125.240.139200 OK 0 B URL HTTP/2 apm-server.seekda.com/intake/v2/rum/events
IP 135.125.240.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /intake/v2/rum/events HTTP/1.1
Host: apm-server.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://booking.greif.it/
Origin: https://booking.greif.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://booking.greif.it
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
vary: Origin
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 00:52:38 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=464797164147756&ev=PageView&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot%26et%3Dvpr%26cid%3D&rl=https%3A%2F%2Fbooking.greif.it%2F&if=true&ts=1670287955938&sw=1280&sh=1024&v=2.9.89&r=stable&a=trplsojern&ec=0&o=30&it=1670287955601&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=464797164147756&ev=PageView&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot%26et%3Dvpr%26cid%3D&rl=https%3A%2F%2Fbooking.greif.it%2F&if=true&ts=1670287955938&sw=1280&sh=1024&v=2.9.89&r=stable&a=trplsojern&ec=0&o=30&it=1670287955601&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=464797164147756&ev=PageView&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot%26et%3Dvpr%26cid%3D&rl=https%3A%2F%2Fbooking.greif.it%2F&if=true&ts=1670287955938&sw=1280&sh=1024&v=2.9.89&r=stable&a=trplsojern&ec=0&o=30&it=1670287955601&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 00:52:38 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=464797164147756&ev=Search&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot%26et%3Dvpr%26cid%3D&rl=https%3A%2F%2Fbooking.greif.it%2F&if=true&ts=1670287955947&cd[content_type]=hotel&cd[checkin_date]=2022-12-06&cd[checkout_date]=2022-12-07&cd[city]=Bolzano&cd[region]=IT&cd[country]=Italy&cd[custom_param13]=Hotel%252BGrief&cd[custom_param7]=1&sw=1280&sh=1024&v=2.9.89&r=stable&a=trplsojern&ec=1&o=30&it=1670287955601&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=464797164147756&ev=Search&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot%26et%3Dvpr%26cid%3D&rl=https%3A%2F%2Fbooking.greif.it%2F&if=true&ts=1670287955947&cd[content_type]=hotel&cd[checkin_date]=2022-12-06&cd[checkout_date]=2022-12-07&cd[city]=Bolzano&cd[region]=IT&cd[country]=Italy&cd[custom_param13]=Hotel%252BGrief&cd[custom_param7]=1&sw=1280&sh=1024&v=2.9.89&r=stable&a=trplsojern&ec=1&o=30&it=1670287955601&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=464797164147756&ev=Search&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D242425%26f_v%3Dv6_js%26p_v%3D1%26version%3D2%26auto_url%3Dhttps%253A%252F%252Fbooking.greif.it%252F%253FactiveBookingEngine%253DKBE%2526propertyCode%253DIT_BOZEN_GREIF%2526skd-checkin%253D2022-12-06%2526skd-checkout%253D2022-12-07%2526skd-property-code%253DIT_BOZEN_GREIF%26auto_ccid%3Dhw2t6-mwfjb-7g2sm-0bmau-ndk4l%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1280x939%26hd1%3D2022-12-06%26hd2%3D2022-12-07%26hc1%3DBolzano%26hs1%3DIT%26hn1%3DItaly%26hpr%3DHotel%2520Grief%26hr%3D1%26hpid%3Dundefined%26t%3D2%26hcu%3DEUR%26vid%3Dhot%26et%3Dvpr%26cid%3D&rl=https%3A%2F%2Fbooking.greif.it%2F&if=true&ts=1670287955947&cd[content_type]=hotel&cd[checkin_date]=2022-12-06&cd[checkout_date]=2022-12-07&cd[city]=Bolzano&cd[region]=IT&cd[country]=Italy&cd[custom_param13]=Hotel%252BGrief&cd[custom_param7]=1&sw=1280&sh=1024&v=2.9.89&r=stable&a=trplsojern&ec=1&o=30&it=1670287955601&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 00:52:38 GMT
X-Firefox-Spdy: h2
apm-server.seekda.com/intake/v2/rum/events
135.125.240.139202 Accepted 0 B URL HTTP/2 apm-server.seekda.com/intake/v2/rum/events
IP 135.125.240.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /intake/v2/rum/events HTTP/1.1
Host: apm-server.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-ndjson
Content-Length: 41655
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
access-control-allow-origin: https://booking.greif.it
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 00:52:38 GMT
content-length: 0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/pageLeave?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/pageLeave?
IP 135.125.240.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/ibe/pageLeave? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.greif.it/
Origin: https://booking.greif.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Tue, 06 Dec 2022 00:52:43 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/333-f51e7b20f7750937.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/333-f51e7b20f7750937.js
IP 54.230.245.206:0
GET /_next/static/chunks/333-f51e7b20f7750937.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-324cb"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KzTM0_ndphGxKpyaQ8xgcHT511_B2S-IIWTR-Qp5Iiz2z0DOB0aFsg==
age: 637490
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262
IP 54.230.245.206:0
GET /static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262 HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 04:30:49 GMT
last-modified: Wed, 11 May 2022 16:35:20 GMT
etag: W/"627be5c8-f0b3"
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zmd2C4M4_yFD-QMMD6eDopbE4vr5Iu68vcdDnaAmJmsLN24z432HiQ==
age: 73306
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/55ba302e-56c033a647309a77.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/55ba302e-56c033a647309a77.js
IP 54.230.245.206:0
GET /_next/static/chunks/55ba302e-56c033a647309a77.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:16 GMT
etag: W/"63723910-100e3"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p2AziydPgLDfFpBcZ17rNWRgObSqdiesrjgi2YvpwZ1CAcNGak0kvw==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/648-b7d007e5ee685d28.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/648-b7d007e5ee685d28.js
IP 54.230.245.206:0
GET /_next/static/chunks/648-b7d007e5ee685d28.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-3b3e0"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VDa3MyTEzfGlv9ls4-YbkFLDh1O-mWd1BMu0u-lHm3uEOd2c29tVLw==
age: 637490
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/914-7d07b1ef6b622c87.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/914-7d07b1ef6b622c87.js
IP 54.230.245.206:0
GET /_next/static/chunks/914-7d07b1ef6b622c87.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Thu, 27 Oct 2022 11:02:24 GMT
etag: W/"635a6540-107e2"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T-2nJNtUU3Z3QUbMiY26uLYAb-b_HJxyV4jG1-POPCU3YEy8t3-Xbg==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/38-7f41f4a9e2fe47a2.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/38-7f41f4a9e2fe47a2.js
IP 54.230.245.206:0
GET /_next/static/chunks/38-7f41f4a9e2fe47a2.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 27 Sep 2022 13:45:54 GMT
etag: W/"6332fe92-2832"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1HUbjMAclqyn978LyooaiEo0IL9Qo8fCO1YFcjXkv8znZbCZEsrUog==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/804-13fd754e32aa16c3.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/804-13fd754e32aa16c3.js
IP 54.230.245.206:0
GET /_next/static/chunks/804-13fd754e32aa16c3.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 07 Sep 2022 13:23:58 GMT
etag: W/"63189b6e-7319"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1alOSWI5e1vFkiE4rw19aCPpdtUT1WGxxTFwVdA3WWzL6Ed9A4Uj5A==
age: 1768712
X-Firefox-Spdy: h2
ibe.seekda.com/dsr/IT_BOZEN_GREIF/attribution?callback=skdtracking167028795436677&cookie-enabled=true
135.125.240.149200 OK 0 B URL HTTP/2 ibe.seekda.com/dsr/IT_BOZEN_GREIF/attribution?callback=skdtracking167028795436677&cookie-enabled=true
IP 135.125.240.149:0
GET /dsr/IT_BOZEN_GREIF/attribution?callback=skdtracking167028795436677&cookie-enabled=true HTTP/1.1
Host: ibe.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
content-type: application/javascript;charset=ISO-8859-1
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 06 Dec 2022 00:52:36 GMT
set-cookie: ULTZCTLUCKO67=qwiuxs88; path=/; HttpOnly; Secure
cache-control: private
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/7e0f675c-7628088f2378fdb4.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/7e0f675c-7628088f2378fdb4.js
IP 54.230.245.206:0
GET /_next/static/chunks/7e0f675c-7628088f2378fdb4.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 27 Sep 2022 13:45:30 GMT
etag: W/"6332fe7a-cabd"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jERbF6nff_4CvbFf_iVawjsy7tzzHGk_PBWH4ENQQwWotb1kOULx8Q==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/364-89bf8dd5b58b10a4.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/364-89bf8dd5b58b10a4.js
IP 54.230.245.206:0
GET /_next/static/chunks/364-89bf8dd5b58b10a4.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-2236"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 20MSxPOcD3MoQM8_9u26GU3u9pp0KWn2kn1ClUeCYyDCi_zIHfWbkQ==
age: 637490
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/234-5f3fb97a1b4a275f.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/234-5f3fb97a1b4a275f.js
IP 54.230.245.206:0
GET /_next/static/chunks/234-5f3fb97a1b4a275f.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 14:08:22 GMT
last-modified: Tue, 15 Nov 2022 14:07:29 GMT
etag: W/"63739d21-70cc"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tI5l78yGxQRvv3OA3z0fgDyTz5TnNl4OhezasXBdO-vVXh8D7ph3FA==
age: 1766653
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/css/e45bafd752dbfc1b.css
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/css/e45bafd752dbfc1b.css
IP 54.230.245.206:0
GET /_next/static/css/e45bafd752dbfc1b.css HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-50631"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nf3a4CkJll9uMFTjzFKpO2IJWA95q_u7a06IxVbSg2YcOpIF-_Kmbg==
age: 637490
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/pageLoaded?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/pageLoaded?
IP 135.125.240.141:0
POST /events/ibe/pageLoaded? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 871
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Tue, 06 Dec 2022 00:52:37 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js
IP 54.230.245.206:0
GET /_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:42 GMT
etag: W/"6384db66-4d"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yvmaqSjoUG_KVTd_cn82zPuEY2CtTbz2v3rAUJIMsmPOfD7nRpzkfQ==
age: 636626
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/464797164147756?v=2.9.89&r=stable
157.240.200.14200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/464797164147756?v=2.9.89&r=stable
IP 157.240.200.14:0
GET /signals/config/464797164147756?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: n6wsXN3NDP/jBQPacfqEglgzmzoeYmpGiR8I9zirPae+HSWK3Wf0YvrBDHcXyYTfZTJZ67caIEAkgjDNfNG+Bg==
priority: u=3,i
x-fb-trip-id: 1679558926
date: Tue, 06 Dec 2022 00:52:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/searchBoxInit?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/searchBoxInit?
IP 135.125.240.141:0
POST /events/ibe/searchBoxInit? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 854
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Tue, 06 Dec 2022 00:52:37 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/928-20b3fd6334a5c778.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/928-20b3fd6334a5c778.js
IP 54.230.245.206:0
GET /_next/static/chunks/928-20b3fd6334a5c778.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-12605"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bbWU9WZt3wfv3qFqBk81PLhOSLGo_TNZYvOEkBn60NywN3a40h5bLw==
age: 637490
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js
IP 54.230.245.206:0
GET /_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:42 GMT
etag: W/"6384db66-5c"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9WKuYQI1kxhywB4b1YER9Ac7q8q7aa1178_Q3Is0IUOmxNeZ3WsJyg==
age: 636626
X-Firefox-Spdy: h2
cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js
135.125.240.147200 OK 0 B URL HTTP/2 cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js
IP 135.125.240.147:0
GET /w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js HTTP/1.1
Host: cloud.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
status: 200 OK
x-rack-cache: miss
cache-control: max-age=0, private, must-revalidate
date: Tue, 06 Dec 2022 00:52:35 GMT
x-ua-compatible: IE=Edge,chrome=1
etag: W/"22db3319eb65f407f66a7f4279770598"
x-runtime: 0.004378
x-request-id: 079dea4b93f608e706aa834dde2c9d56
x-powered-by: Phusion Passenger(R) 6.0.14
server: nginx/1.20.2 + Phusion Passenger(R) 6.0.14
content-encoding: gzip
strict-transport-security: max-age=15768000
set-cookie: SDLKJWIUDKIJS=5e0f52cccc22fb0; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
booking.greif.it/
135.125.240.140200 OK 0 B IP 135.125.240.140:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: booking.greif.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:52:35 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
content-encoding: gzip
etag: "3ae67-TGe+34hFP5Zzgv6eqZkd3g867Io"
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.kognitiv.com
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/d099b070-221cabf5ffd73869.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/d099b070-221cabf5ffd73869.js
IP 54.230.245.206:0
GET /_next/static/chunks/d099b070-221cabf5ffd73869.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 27 Jul 2022 15:16:14 GMT
etag: W/"62e156be-11876"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qt4RZIVN_2ki2YjHxv-tmTBftIQmqqGV9ZGOAngWLDnYm-GXYj80rQ==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js
IP 54.230.245.206:0
GET /_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: W/"62711ef1-22c77"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ucRHajosbjY9IEC6gH8gMJhZdPfm8NkZdyIx72JjfKmYscOxVjEVNg==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/433-a2824426e6ccb54e.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/433-a2824426e6ccb54e.js
IP 54.230.245.206:0
GET /_next/static/chunks/433-a2824426e6ccb54e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:39 GMT
etag: W/"63723927-42f15"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qJK5I0KFYhUYvTemWZKlR7QT7sDsBjvRfn5DbV5zftIQTX0euS8n0g==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/818-2d46f7d1223300d3.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/818-2d46f7d1223300d3.js
IP 54.230.245.206:0
GET /_next/static/chunks/818-2d46f7d1223300d3.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-5d13a"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DRHnBgYbX8HfGEAN8tUsUZ8dg6QYw3K0rgOIpsbNt8KymjmfqC9PgA==
age: 637490
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/viewOffers?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/viewOffers?
IP 135.125.240.141:0
POST /events/ibe/viewOffers? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 1449
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Tue, 06 Dec 2022 00:52:36 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=cheiG8ch; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
booking.greif.it/static/bookingFlowCustomTracking.js
135.125.240.140200 OK 0 B URL HTTP/2 booking.greif.it/static/bookingFlowCustomTracking.js
IP 135.125.240.140:0
Analyzer Verdict Alert fortinet Phishing
GET /static/bookingFlowCustomTracking.js HTTP/1.1
Host: booking.greif.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:52:35 GMT
content-type: application/javascript
last-modified: Tue, 03 May 2022 12:24:30 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"62711efe-11c"
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/pageReady?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/pageReady?
IP 135.125.240.141:0
POST /events/ibe/pageReady? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 830
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Tue, 06 Dec 2022 00:52:36 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=cheiG8ch; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/659-a75792a0129c3b75.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/659-a75792a0129c3b75.js
IP 54.230.245.206:0
GET /_next/static/chunks/659-a75792a0129c3b75.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:39 GMT
etag: W/"63723927-42543"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oamBe29oIkayFXRLvDb69fPc7jdG99AUSUjk4URMz3EdAoiMlprcgA==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/979-fc9d9c0ee5b8eeaa.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/979-fc9d9c0ee5b8eeaa.js
IP 54.230.245.206:0
GET /_next/static/chunks/979-fc9d9c0ee5b8eeaa.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 07 Sep 2022 13:23:35 GMT
etag: W/"63189b57-7ff8"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t0wMbWOOzwfi4wS7ExrjLjn8OJ5f0lmo9FlhEQ-2z4fxejYQuyd-_A==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/static/semantic.min.css?checksum=c693bf067390b2ec6106c2aec0a1c2b1
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/static/semantic.min.css?checksum=c693bf067390b2ec6106c2aec0a1c2b1
IP 54.230.245.206:0
GET /static/semantic.min.css?checksum=c693bf067390b2ec6106c2aec0a1c2b1 HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Mon, 05 Dec 2022 02:36:41 GMT
last-modified: Wed, 27 Jul 2022 15:16:14 GMT
etag: W/"62e156be-996ea"
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9kiBdVgPH3vJX7kcpKesUWdF6mEBkB8beW8GUAqq4VUrZdMGhfogCA==
age: 80154
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/302-7b32094aede33cd2.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/302-7b32094aede33cd2.js
IP 54.230.245.206:0
GET /_next/static/chunks/302-7b32094aede33cd2.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:16 GMT
etag: W/"63723910-52fd"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wTSNGKUY4LLYYvUyZjSll-vsp2Kvr8lkv6lsle6Mmi0qKqG8LYCwCA==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js
IP 54.230.245.206:0
GET /_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:50 GMT
etag: W/"6384db6e-e22"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CKD3EzcX0sYonODgLrqpAl2HbMGN_9OHD1pUwnfR45F68GPJmweOFg==
age: 636626
X-Firefox-Spdy: h2
switch.seekda.com/switch/api/hotel/IT_BOZEN_GREIF/tracking.js
135.125.240.145200 OK 0 B URL HTTP/2 switch.seekda.com/switch/api/hotel/IT_BOZEN_GREIF/tracking.js
IP 135.125.240.145:0
GET /switch/api/hotel/IT_BOZEN_GREIF/tracking.js HTTP/1.1
Host: switch.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-robots-tag: noindex
vary: accept-encoding
content-encoding: gzip
content-type: application/javascript;charset=ISO-8859-1
date: Tue, 06 Dec 2022 00:52:35 GMT
set-cookie: KLJIQWJ38ASK=5e9bffb7d7f27e0; path=/; HttpOnly; Secure; SameSite=none
cache-control: private
X-Firefox-Spdy: h2
quality.seekda.com/events/ibe/viewTrustYouBadge?
135.125.240.141200 OK 0 B URL HTTP/2 quality.seekda.com/events/ibe/viewTrustYouBadge?
IP 135.125.240.141:0
POST /events/ibe/viewTrustYouBadge? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 917
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.greif.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Tue, 06 Dec 2022 00:52:36 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=cheiG8ch; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/99d407f1-740efc49d6ddee4e.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/99d407f1-740efc49d6ddee4e.js
IP 54.230.245.206:0
GET /_next/static/chunks/99d407f1-740efc49d6ddee4e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-5dc71"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zqoe6Z50NyQKUZqg0GIjmOttN12Y4YNZT3yNc7_q4dnI09PnU1lfAA==
age: 637490
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js
IP 54.230.245.206:0
GET /_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: W/"62711ef1-4c0a4"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i0DzzJQM6lonyAQr0RCik7RSGDw637U5dorW7lu6N3hB_-k4Q59ZpQ==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/373-95390337f262d59f.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/373-95390337f262d59f.js
IP 54.230.245.206:0
GET /_next/static/chunks/373-95390337f262d59f.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:16 GMT
etag: W/"63723910-c616"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s3EaT3SXGJkv6leakYWR8PLophf2vRc8Dii1pqflUvcC78v05h9akw==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/framework-4774102d6f75bb1e.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/framework-4774102d6f75bb1e.js
IP 54.230.245.206:0
GET /_next/static/chunks/framework-4774102d6f75bb1e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: W/"62711ef1-2640a"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YSNUTjCMTnR3Q7QxRivdbQBuazPtyLlPT3wzU-OiZ-ROFPlDoHVcfg==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/695-5ea418b3362d2010.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/695-5ea418b3362d2010.js
IP 54.230.245.206:0
GET /_next/static/chunks/695-5ea418b3362d2010.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 07 Sep 2022 13:23:58 GMT
etag: W/"63189b6e-fd62"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dyMp9pYIHvjnOFbQh4ORaR3PEqQ9HN13aR83ZIwtIHdTM2AGccL4bA==
age: 1768712
X-Firefox-Spdy: h2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/index-4f91dc75cd41d669.js
54.230.245.206200 OK 0 B URL HTTP/2 d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/index-4f91dc75cd41d669.js
IP 54.230.245.206:0
GET /_next/static/chunks/pages/index-4f91dc75cd41d669.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:42 GMT
etag: W/"6384db66-1326b"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yXAs1_9RlGiQreOhNu_LoqsTZGPDZtgKtgqAhP7k0n8tLdc0fD76Ig==
age: 636626
X-Firefox-Spdy: h2
hbe-api.kognitiv.com/banners
135.125.240.149200 OK 0 B URL HTTP/2 hbe-api.kognitiv.com/banners
IP 135.125.240.149:0
POST /banners HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 192
Origin: https://booking.greif.it
Connection: keep-alive
Referer: https://booking.greif.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.greif.it
vary: Accept-Encoding, Origin, Accept-Encoding
date: Tue, 06 Dec 2022 00:52:37 GMT
etag: W/"1fe-6LRZN90oS0mnZaYZnTrKa02e2+g"
content-encoding: gzip
set-cookie: MGLH51CKJDVB=VEI1698VEKLN9; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2