r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 584dc97b4a725bab46f43b0c52ea2f21
4c7d5484aca5c64746185fa7a1e6103672fd6beb
726714a5ebdaa8dda3c669eedad6503ffd2a822cfd0bbdf5eb8a1d8ad43ad5bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "726714A5EBDAA8DDA3C669EEDAD6503FFD2A822CFD0BBDF5EB8A1D8AD43AD5BD"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9023
Expires: Fri, 17 Feb 2023 16:25:12 GMT
Date: Fri, 17 Feb 2023 13:54:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e2774fdb28d9f6ef0658eb7286166e3f
9240e40dcd6422d6b92b9f9b54c79e7629f28828
e59f037bbb477951b8d775acb4d62c243d19d6b0022787348bae224092690d53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E59F037BBB477951B8D775ACB4D62C243D19D6B0022787348BAE224092690D53"
Last-Modified: Thu, 16 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3497
Expires: Fri, 17 Feb 2023 14:53:06 GMT
Date: Fri, 17 Feb 2023 13:54:49 GMT
Connection: keep-alive
www.lmlenzitrasporti.com/page1/rola/posten/
89.46.110.68 200 OK 93 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (13785)
Hash 11338d9e1a155a5258ba08ef6f996e2e
3087150eca6dd07ab619280639edcdb48bff0806
692b4001e30b1528aab61883c40c79b4cfbc7664dad1d50730317361a2df43c6
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
openphish Posten Norge
fortinet Phishing
GET /page1/rola/posten/ HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 01 Mar 2021 06:26:11 GMT
X-ServerName: ipvsproxy233.ad.aruba.it
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 17 Feb 2023 13:37:38 GMT
content-type: application/json
age: 1031
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4879878d8594ad779e96e43ceadae35
e81c37ddd67123e47ea15707896b807a306d8d7e
c50069d7380586c743cddc2678baab9bb04400c70c28c3102650264ef806319c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C50069D7380586C743CDDC2678BAAB9BB04400C70C28C3102650264EF806319C"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3583
Expires: Fri, 17 Feb 2023 14:54:32 GMT
Date: Fri, 17 Feb 2023 13:54:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kkaItQPsGk+iSTRSQPLAA7i3WyvR2cMkmebrrlEPvQOM0EozUimHp/MU+ahKGcMFxXpZ5JCrxcU=
x-amz-request-id: EWN07EPWMNB3JZZ5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Fri, 17 Feb 2023 13:49:53 GMT
age: 296
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 17 Feb 2023 13:54:49 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140 200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=59407
date: Fri, 17 Feb 2023 13:54:49 GMT
X-Firefox-Spdy: h2
www.lmlenzitrasporti.com/page1/rola/posten/file/new-style.css
89.46.110.68 200 OK 9.4 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/new-style.css
IP 89.46.110.68:0
File type ASCII text, with very long lines (306), with CRLF line terminators
Hash 92c165e15a2275866ee7cfc278fffde1
98916171f3518b19fcafe4875562e5a353ddd54b
26500fcb123f8d7047a19264d0c82f59049a662c93068c2a91e3428e68382869
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /page1/rola/posten/file/new-style.css HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
X-ServerName: ipvsproxy233.ad.aruba.it
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2479adc544d5ddacfa7ef52d41903025
b682994b05d0c55bcac304b23af0e91972ea107b
1cecaeec65d53f424a9a558110e7fa4dc8fc7fd17d76b5a5d41d48324d510a6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tienda.correos.es/css/common-dynamic.css
94.23.87.92 200 OK 717 B URL HTTP/1.1 tienda.correos.es/css/common-dynamic.css
IP 94.23.87.92:0
File type ASCII text, with CRLF line terminators
Hash 45bca144e962bb998d9d807e54e521c3
63beb9c869ed56068010f501fde069d8e02164d7
31dda737e3779db2e9efd81ab860e724f61738acce5b10558cb6c56c76daf544
GET /css/common-dynamic.css HTTP/1.1
Host: tienda.correos.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: server
Date: Fri, 17 Feb 2023 13:54:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Backend: 1
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:95B9_5E17575C:01BB_63EF8729_4B8B7:1B82C
X-IPLB-Instance: 35327
Set-Cookie: SERVERID139651=c80001a3|Y++HL|Y++HL; path=/; HttpOnly
Cache-control: private
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2479adc544d5ddacfa7ef52d41903025
b682994b05d0c55bcac304b23af0e91972ea107b
1cecaeec65d53f424a9a558110e7fa4dc8fc7fd17d76b5a5d41d48324d510a6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
176.31.232.62 200 OK 1.2 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
IP 176.31.232.62:0
Hash e8b5e4d5eb0df11eb339ba959520b978
24777a5efa576aec4026ff30bcf4fd6ecd81b003
2650ffdcb2bf4147d062825fee353bd86e80c1f1c22c0b29ea856fdd3213e0a3
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:49 GMT
content-type: text/css
content-length: 1210
last-modified: Tue, 27 Aug 2019 11:07:48 GMT
etag: "5d650f04-4ba"
server: rebelio-n1
expires: Sat, 17 Feb 2024 13:54:49 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
176.31.232.62 200 OK 3.3 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
IP 176.31.232.62:0
File type ASCII text, with CRLF line terminators
Hash a8935f51f8ca663bf3a18d4b1da31bf7
6f2e6f9c21ced7020e6d8c73c2e8ad71d797aa9d
cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /static/shop/common/css/validationEngine.jquery.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:49 GMT
content-type: text/css
content-length: 3334
last-modified: Thu, 18 Oct 2018 11:43:12 GMT
etag: "5bc871d0-d06"
server: rebelio-n1
expires: Sat, 17 Feb 2024 13:54:49 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tienda.correos.es/css/common-dynamic.css
94.23.87.92 200 OK 717 B URL HTTP/1.1 tienda.correos.es/css/common-dynamic.css
IP 94.23.87.92:0
File type ASCII text, with CRLF line terminators
Hash 45bca144e962bb998d9d807e54e521c3
63beb9c869ed56068010f501fde069d8e02164d7
31dda737e3779db2e9efd81ab860e724f61738acce5b10558cb6c56c76daf544
GET /css/common-dynamic.css HTTP/1.1
Host: tienda.correos.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: server
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Backend: 1
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:95B9_5E17575C:01BB_63EF8729_4B8B8:1B82C
X-IPLB-Instance: 35327
Set-Cookie: SERVERID139651=c80001a3|Y++HL|Y++HL; path=/; HttpOnly
Cache-control: private
cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
176.31.232.62 200 OK 2.4 kB URL HTTP/2 cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
IP 176.31.232.62:0
File type PNG image data, 175 x 30, 8-bit/color RGBA, interlaced\012- data
Hash ad8f5552abb3d774a9c23cf3b0c9272b
4fc71ddac34c0b7438effc6883956ba2149a6a0c
984461e2d55896f29bb79d75b8ab42c1f8c4111bd2fb0c5f03dbc50d1b24b894
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /static/logos/correos-paq-72-mini.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:50 GMT
content-type: image/png
content-length: 2373
last-modified: Mon, 10 May 2021 14:53:58 GMT
etag: "60994906-945"
server: rebelio-n1
expires: Sat, 17 Feb 2024 13:54:50 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/logos/correos-paq72.png
176.31.232.62 200 OK 2.0 kB URL HTTP/2 cdn.mycomandia.com/static/logos/correos-paq72.png
IP 176.31.232.62:0
File type PNG image data, 128 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 567c7f32c85fe6ca5625f95403eb05e9
ef5da723f8b205d4f75bcb2b63b6e948fa25f330
5d2fb215dbbcbfd1bd663a0cdeaf31c63abde8c6f20aa63551733ebc498bf605
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /static/logos/correos-paq72.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:50 GMT
content-type: image/png
content-length: 1976
last-modified: Mon, 28 Dec 2020 12:06:56 GMT
etag: "5fe9ca60-7b8"
server: rebelio-n1
expires: Sat, 17 Feb 2024 13:54:50 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css
151.101.1.229 200 OK 542 B URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css
IP 151.101.1.229:0
Hash b24719d55767c669113336d8c684644d
24067e2371e11e36586528918e5c7adb7356edb9
ff84dceacce38a1a37e28e25757da04eec677c08070213f46fa0384c375ca2e7
GET /npm/@posten/hedwig@11/assets/fonts.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.9
x-jsd-version-type: version
etag: W/"855-mRW2/GJzwxRji+sy+ksrjfYsJnE"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 17 Feb 2023 13:54:50 GMT
age: 1686
x-served-by: cache-fra-eddf8230028-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 542
X-Firefox-Spdy: h2
www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt
89.46.110.68 200 OK 11 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt
IP 89.46.110.68:0
File type ASCII text, with very long lines (1994), with CRLF line terminators
Hash 9822ac488e975c67f830ee453c852044
64d8f2c1b690f5eedf16494df7013958a29f5bf9
fdd312257d6d26e58643b7bc5cde6555613ffc8f1617fbc65189ab819761a7e4
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /page1/rola/posten/file/f.txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
X-ServerName: ipvsproxy233.ad.aruba.it
Content-Encoding: gzip
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css
151.101.1.229 200 OK 29 kB URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css
IP 151.101.1.229:0
File type Unicode text, UTF-8 text, with very long lines (54670)
Hash cab4a25d88a7f23bbe46846ffc169ace
d470188177492d7ce663c298301c852a9cfbde59
6971be30d85421291f18493ae6d84494f4fc9cd42d194aefd7197031f730cbe7
GET /npm/@posten/hedwig@11/dist/posten.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.10
x-jsd-version-type: version
etag: W/"35ae7-VIUJ2giFc9+RlRgcbyfbUh4mbO8"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 17 Feb 2023 13:54:50 GMT
age: 31718
x-served-by: cache-fra-eddf8230074-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29077
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/main.js
151.101.1.229 200 OK 55 kB URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/main.js
IP 151.101.1.229:0
File type Unicode text, UTF-8 text, with very long lines (33341), with NEL line terminators
Hash aceb930ded7386fd3874e88db9a79c1d
8ac16d7b8129e0bec4093cfb9d651c034f0745d9
8244dcb68ca3f57c94b683848d4d0f93d0ff560834ee6426f400cadc2477e4e1
GET /npm/@posten/hedwig@11/dist/main.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.9.10
x-jsd-version-type: version
etag: W/"281a4-/N1Jx7Y0IzQHyIjw7iTyyO0L1PY"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 17 Feb 2023 13:54:50 GMT
age: 25949
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55053
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js
151.101.1.229 200 OK 325 B URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js
IP 151.101.1.229:0
File type ASCII text, with very long lines (484)
Hash 3cf89faabd93e7347ff136ce46273e50
11e620a5bdd6f53f699c1117f6abfd368275df67
162897c7f4536145c8f704320004aa5b68d7d08c9e080065657fd1dcee4979f8
GET /npm/@posten/hedwig@11/dist/icons.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.9.10
x-jsd-version-type: version
etag: W/"1e5-WAbOTOVCBaDeieReJgLvn/XKjp4"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 17 Feb 2023 13:54:50 GMT
age: 2816
x-served-by: cache-fra-eddf8230027-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt
89.46.110.68 200 OK 198 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt
IP 89.46.110.68:0
File type ASCII text, with no line terminators
Hash e8eb78614cd69ba5458449ee67661a79
415d4f5c96e7fd519a5c16343b16507bd0ddd9dc
b3256232be85e192b3f6ad9276d3aa22c01e36fdcdf424cde262134bb60d8e24
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /page1/rola/posten/file/1.txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 01 Mar 2021 06:20:11 GMT
X-ServerName: ipvsproxy233.ad.aruba.it
Content-Encoding: gzip
www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt
89.46.110.68 200 OK 534 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt
IP 89.46.110.68:0
File type ASCII text, with very long lines (1529), with no line terminators
Hash 9d1d1c1720dadba3e9790da3b894bd45
ea920623212646bbc98ccd45c53b53c9af91cd32
b6161cf2d336820e05b44792c97b6c8581e5e95d5c1127b1834d75ce1c5657a1
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /page1/rola/posten/file/1(1).txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 01 Mar 2021 06:20:11 GMT
X-ServerName: ipvsproxy233.ad.aruba.it
Content-Encoding: gzip
www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /_/asset/no.posten.website:1594301215/css/postenstyle.css HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
siteimproveanalytics.com/js/siteanalyze_6015663.js
172.64.197.24 200 OK 26 kB URL HTTP/1.1 siteimproveanalytics.com/js/siteanalyze_6015663.js
IP 172.64.197.24:0
File type Unicode text, UTF-8 text, with very long lines (65492), with no line terminators
Hash efed05da78b6a02254508bcda8d175ec
693b43c0ea204919ec9fe5a9b1c19057a894c19b
a4c7ca0fceb7f40af4f6862474c688b81f912b488626e8e461170b63831cb527
GET /js/siteanalyze_6015663.js HTTP/1.1
Host: siteimproveanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 25663
Connection: keep-alive
x-amz-id-2: FUfm5THqacbXr0paDYu667At2Y1QMxM6e8DWzLxHwMxsyyXo0tCmFYQGL/4RyDLdGcwE+jr8gsI=
x-amz-request-id: 1ED0XQ99C6FXBZXF
Cache-Control: max-age=86400, no-transform
Content-Encoding: gzip
Last-Modified: Fri, 17 Feb 2023 09:36:57 GMT
ETag: "efed05da78b6a02254508bcda8d175ec"
CF-Cache-Status: HIT
Age: 957
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EExCBLze%2FzAt3Elo%2FoYaE7iF69U7L7ntCsgrepSebPvvodSC%2BpJnSQ0%2BZqDjooXE%2FqGis3SUiDL7ZlTGWc%2B5%2BEGIUxRY%2Ftt3UBhY0cpXPMsMOIXT7gzwgLNee5fUTLT16iIvfojLQ3sJaBE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79af0467fe4e8924-LHR
alt-svc: h2=":443"; ma=60
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.42 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.42:0
File type ASCII text, with very long lines (22967)
Hash f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 13:16:50 GMT
expires: Fri, 17 Feb 2023 14:16:50 GMT
cache-control: public, max-age=3600
age: 2280
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b9763adf5a3803ebbbd946989691ebad
79cc60d6949fa803a03f11396f7edc967e6aa8d4
5870c9bdf050b42605bd48728cb5f36ae4628e89e4727bb553c1218ddbfb6846
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
in.taskanalytics.com/00012/tm.js?r=&1595285185398
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595293061723
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061723
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061723 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595293061872
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061872
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061872 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259690
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259690
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259690 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259698
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259698
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259698 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259862
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259862
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259862 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d146aa123635470cfd39942f1f25dcba
274574f078e959a423262a1b95344996299ea1cf
9e2c3a542626c68d479648479e09f9570564d4e1f954f63b6ce97ae939729a3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E2C3A542626C68D479648479E09F9570564D4E1F954F63B6CE97AE939729A3D"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3961
Expires: Fri, 17 Feb 2023 15:00:51 GMT
Date: Fri, 17 Feb 2023 13:54:50 GMT
Connection: keep-alive
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 80bafb50039175fef776333e16b5294d
5fbeb1106fa363638176894b6e541eaa91196e8d
cf2d467afda5048859dcdf84ca9ebbff35959def6754ae5dcbd6495038f2ec78
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C0867CEF0EE31AA349D2BC43AB5629DB97BAAEB0"
Expires: Sat, 18 Feb 2023 01:00:00 GMT
Last-Modified: Fri, 17 Feb 2023 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2620
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79af0468cdb4b527-OSL
cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
176.31.232.62 200 OK 73 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
IP 176.31.232.62:0
Hash 22746f3faf58ccf05d4f77c1acdf6a8a
07786787f1c7e9232cd8bd1404ba979fce7a1728
6c8d1861349e3b33aca54982490872f631b45725a8f94db3efa233b6bbdae0bd
GET /static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:49 GMT
content-type: text/css
last-modified: Thu, 18 Oct 2018 11:43:18 GMT
vary: Accept-Encoding
etag: W/"5bc871d6-22485"
server: rebelio-n1
expires: Sat, 17 Feb 2024 13:54:49 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.lmlenzitrasporti.com/page1/rola/posten/file/js
89.46.110.68 200 OK 86 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/js
IP 89.46.110.68:0
File type ASCII text, with very long lines (1578), with CRLF line terminators
Hash 3bc2dba628f72e4cb686cabe461d5817
2e462c205994b0b805bdb67c5270493d4767bbfc
a0244e6ec83e84391c2f82f729629fb848a1d480816753b46e0ab1eed258e516
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /page1/rola/posten/file/js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Length: 86235
Connection: keep-alive
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy233.ad.aruba.it
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (22818)
Hash b8544067969ec30f354f591bcb6da5e5
4e31f80fe3204efd060bf9af36374baf945ce2db
65c2d3a75e7a2b7dcf47be5f5ec83444fae9e9357576454eef053cf8b0c150fc
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lmlenzitrasporti.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 17 Feb 2023 13:54:50 GMT
expires: Fri, 17 Feb 2023 13:54:50 GMT
cache-control: private, max-age=900
last-modified: Fri, 17 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74109
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b9763adf5a3803ebbbd946989691ebad
79cc60d6949fa803a03f11396f7edc967e6aa8d4
5870c9bdf050b42605bd48728cb5f36ae4628e89e4727bb553c1218ddbfb6846
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 51193703c31973e958c4e7845fde953b
05639ee0175bee76db2b8a1995933491420f04bb
50829dec1e1e26f4415931eb8bec0193dd3df3d3639618ffa175f39f9d6cff2f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158242
Date: Fri, 17 Feb 2023 13:54:50 GMT
Etag: "63ef3b2d-1d7"
Expires: Sun, 19 Feb 2023 09:52:12 GMT
Last-Modified: Fri, 17 Feb 2023 08:30:37 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2_4oqBLpBNA8WOJuq8byRel_q0TksYGoXSHB855Tfiiaosq7JkxVOw==
Age: 4895
www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595293061872
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061872
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061872 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595293061723
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061723
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061723 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
push.services.mozilla.com/
52.36.23.49 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.23.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NCzaCMtrQFghkdHb5ONVpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mB6zY6mXXGjgNujimbK7Wr5t8H4=
www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595285185398
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:50 GMT
Via: 1.1 vegur
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /_/asset/no.posten.website:1594301215/css/postenstyle.css HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.492847991.1676642090
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 167cff66da2ad389f3881da21eaf9c4a
d41bde1198e497ded95069effafcba927c07be5c
2f7f1a258056ae5b8cbe7caf0c10e693bb4f67906090a298ca4d0a092d173e95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2
176.31.232.62 200 OK 2.0 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2
IP 176.31.232.62:0
File type Web Open Font Format (Version 2), TrueType, length 2024, version 1.0\012- data
Hash c1b7ca92614b5e76d59b8b467f1d8dd9
6ada3f43e5b4ec1a77383f2af00dd2b3c990af5c
a92c73eb3e53032a9846ca27c2c579b424b45a893ac814288954762e878b5e1b
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /static/shop/common/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.lmlenzitrasporti.com
Connection: keep-alive
Referer: https://cdn.mycomandia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:50 GMT
content-type: application/octet-stream
content-length: 2024
last-modified: Tue, 27 Aug 2019 11:07:46 GMT
etag: "5d650f02-7e8"
server: rebelio-n1
expires: Sat, 17 Feb 2024 13:54:50 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F?
142.250.74.70 200 OK 273 B URL HTTP/2 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (590), with no line terminators
Hash 212939c33a336a7f7f321daf9045ad9d
015536e783027c8e2f3eb81c038284f105bd99f1
9cfa3a8ce9c9425a1775a6bde6722c74dc47c4432168223ad14389148ee867fe
GET /activityi;src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 273
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Feb-2023 14:09:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cb1f5e62b141c5096e8c7d26a07dc226
126ad2b6b2b64a77e8a41c7d13aa350301462272
f63f12b64a341369e32d441bd666ff6e3aa49e3d2464dab168d97dc3ac6d2230
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.492847991.1676642090
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:51 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash aca8b73a066e2f30e966c25d0ff80224
c465ff174891c76ba6899a50c81fcdf700887de8
f5a07ec450cba204cf6c38a5ac3d16f0a63811f83816aa874d08148fb6c23e29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
142.250.74.130 200 OK 273 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (589), with no line terminators
Hash 7e58b5b289589a04cd358fa3f7be3f28
3e2290dfd0c2c4a394cb8ee2d450a8118fcd8287
fe8d334a7bf3e88bd39edb4ed0a368c783ef30c0939dabd43272f96d62dfc620
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?
142.250.74.70 200 OK 379 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (514), with no line terminators
Hash b0d6eab9eab3a20438b0bd13da342a70
134028116c2bead7b536a69aff5cdffbe7cef66c
a10b560c3b8f69897480622085a0ab5675665bff0b3e3f8ead749b3f2535c7dc
GET /activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 17 Feb 2023 13:54:51 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 379
X-XSS-Protection: 0
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
142.250.74.70 200 OK 427 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Hash 78b225543f9ea122bf259d94fd379b4b
cbe260dd69e0791c6479bf8c214f28aa09a41286
e2e8bdcba10a07de068f0c41f8f0c7dd6bfed0b8b0f4aaedae5b263cd70e0362
GET /activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 17 Feb 2023 13:54:51 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
142.250.74.70 200 OK 427 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Hash 7894f56de7efa41c42aab98bd8cd19ba
4a3a8110cc5a2e6deccedda3ac6d00bed188ff10
34c3b01b8c469b58e9933b67e4a12c9dd98ec4daefd4324f0aceb92cf8dd6d44
GET /activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 17 Feb 2023 13:54:51 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1676642090326
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1676642090326
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1676642090326 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:51 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1676642090331
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1676642090331
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1676642090331 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:51 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1676642090333
108.128.72.146 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1676642090333
IP 108.128.72.146:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery phishing Phishing - Posten Norge
GET /00012/tm.js?r=&1676642090333 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Fri, 17 Feb 2023 13:54:51 GMT
Via: 1.1 vegur
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0fa96c0ed89bf54a1fb36555f527fcde
00366fa4ab2dbf17dbc987fb055cd9f573ccd30a
6f182e3b430c1e94329d84d1ee10dc550fe1b79f251a8467118cf6102e403a9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b.scorecardresearch.com/beacon.js
54.230.111.7 200 OK 1.9 kB URL HTTP/1.1 b.scorecardresearch.com/beacon.js
IP 54.230.111.7:0
File type ASCII text, with very long lines (3936)
Hash ccbe1595614949962ea0f4c9ec84e783
65525e8918223db782724d28fce74efb513a0fb0
f422f26d9197a10abf1a13a13a87a5fcc4b98ad57aae11fadfddf2df02b591f5
GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 17 Feb 2023 03:09:49 GMT
Cache-Control: max-age=86400
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IavMji_NbBnebH7J6-TP1nAjIl0Y4TDrN9PiW1bvLDMF9WjSFqgvww==
Age: 38703
static.ads-twitter.com/uwt.js
151.101.84.157 200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Fri, 17 Feb 2023 13:54:51 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-bma1643-BMA
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
connect.facebook.net/en_US/fbevents.js
31.13.72.12 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/fbevents.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 17 Feb 2023 13:54:51 GMT
Connection: keep-alive
Content-Length: 0
static.ads-twitter.com/uwt.js
151.101.84.157 304 Not Modified 0 B URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-bma1643-BMA
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.57 200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.57:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=48444
date: Fri, 17 Feb 2023 13:54:51 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
script.hotjar.com/modules.a1fbf755044ca8f629ba.js
54.230.111.44 200 OK 89 kB URL HTTP/2 script.hotjar.com/modules.a1fbf755044ca8f629ba.js
IP 54.230.111.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash db69fc2480d3485a988c1628d311d0c0
82abdfda4d399e9e8032a71f1f962e91ad80860f
7517e0f2be2260c0cd09514fb51ac73f72751caa5e58e4fa5267732f3862b318
GET /modules.a1fbf755044ca8f629ba.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 88758
date: Thu, 05 Jan 2023 12:22:43 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "db69fc2480d3485a988c1628d311d0c0"
last-modified: Wed, 22 Jul 2020 09:42:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1qkmceZ9N488uRQMg5oBG6Y16VJ2ZboiHFziMV341CJzVhgsJs36Gg==
age: 3720728
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157 304 Not Modified 0 B URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-bma1643-BMA
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
www.google-analytics.com/analytics.js
216.239.38.178 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 17 Feb 2023 13:45:20 GMT
expires: Fri, 17 Feb 2023 15:45:20 GMT
cache-control: public, max-age=7200
age: 571
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;
108.157.214.129 403 Forbidden 243 B URL HTTP/2 vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;
IP 108.157.214.129:0
Hash 99f9507d367503cef34bfca45c0f21f9
a44c4b0a5af5266fd7d55760666eadd66bb60026
0ada8172f6200fa100fd564581677668ecc37c48334eb87202c63c6220a23b77
GET /box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important; HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
content-length: 243
date: Fri, 17 Feb 2023 13:54:51 GMT
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 30a448a0dbd4a52ea118d2e64f0535c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Qmsq3zEdUuO2ZlCZ-Y2KIbWYTuZxn1CW9f3vdfzAPMS7J3tPttW-fQ==
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
216.239.38.178 200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 13:47:21 GMT
expires: Fri, 17 Feb 2023 14:47:21 GMT
cache-control: public, max-age=3600
age: 450
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-507531.js?sv=7
54.230.111.39 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-507531.js?sv=7
IP 54.230.111.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/hotjar-507531.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 13:54:02 GMT
cache-control: max-age=60
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aOBvy_yDFp83HKFqX5-ufCXcifugTiJck2hUzcsMMJXKIs9mhfnqEw==
age: 49
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1d265a8dd327a623f78bca3983a79e02
61e62434256bfbb2a88b27f50b059c03580300ca
cada3b43d2add1edbac39f050ec315498f12b2ec3c8ea1061322054ec5c56549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion_async.js
142.250.74.34200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (1654)
Hash 74ace29e686ae4445710506fba552bd5
f09b4d13010f36b8f3efb0442b3d6e616e26a643
f655be0a03ae5bb0d71fae713a55c95462e40c688c2154221ba8c95d94917ff1
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 17 Feb 2023 13:54:51 GMT
expires: Fri, 17 Feb 2023 13:54:51 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10376002428160754156
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15164
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
216.58.211.4 302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 216.58.211.4:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Posten Norge
GET /_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.492847991.1676642090
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:51 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f8e34919a45c91c9c24ade6931afd022
388e683ca7de47486837127ab54d6265867443ea
c2ff7fece933be0048e1d6b1b82afec259124974fa63ab86f789981bfcb1eb78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-16/posten-logo.png
89.46.110.68 404 Not Found 196 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-16/posten-logo.png
IP 89.46.110.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Posten Norge
GET /_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-16/posten-logo.png HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.492847991.1676642090
HTTP/1.1 404 Not Found
Server: aruba-proxy
Date: Fri, 17 Feb 2023 13:54:51 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1bf3278c2046b4fdb1f775dca9bc8b16
54fa26cf0329818b9878e437a59ddccc8d72d35f
f794ad5a7249fe547829bc49ec42f96270f9de8ce9b17c1581e06c0ff3e9785d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5948
Cache-Control: max-age=159692
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Etag: "63ef3cbb-1d7"
Expires: Sun, 19 Feb 2023 10:16:23 GMT
Last-Modified: Fri, 17 Feb 2023 08:37:15 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/images/branding/product/2x/translate_24dp.png
216.58.211.3200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 10:24:39 GMT
expires: Sat, 17 Feb 2024 10:24:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 12612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f8e34919a45c91c9c24ade6931afd022
388e683ca7de47486837127ab54d6265867443ea
c2ff7fece933be0048e1d6b1b82afec259124974fa63ab86f789981bfcb1eb78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash be5a1814429d0a129322abda3791987f
9e0eeee65e17a9c6df149ed1f01d3d7194833fd8
75afa897dd6f4b97b0697589569c7c4f87e32b79addf981febc78a4ff741210e
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: l4mezuTX2daMM4ARayR4CGp613OdXqjIJDL6Z5PzHcr2oRfyTkARIFdY/iTHYS5K/I0cFpZh/Q66mhpXVOD5GQ==
content-length: 27843
x-fb-trip-id: 1904183273
date: Fri, 17 Feb 2023 13:54:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9
142.250.74.78200 OK 6.2 kB URL HTTP/2 encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9
IP 142.250.74.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 2063951383d22405d0663550e2ed3762
6a256b7cdec8d0e0aaf2c86c17e7cc34693a609e
0fb41ab8877699782e17566fafad17e01b8d04b840db658583cb0d3b9508fff4
GET /images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9 HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 6238
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 06:24:19 GMT
expires: Sat, 17 Feb 2024 06:24:19 GMT
cache-control: public, max-age=31536000
age: 27032
last-modified: Thu, 28 Dec 2017 03:23:06 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d56fcc1e441a5a55e8e534be7b4f0e78
534216c89feed8f38c5b289ba5134f2b74b714ce
32b19f3ef1a5d882a0b243a836adc26bf4c854cc40aa2ae9fac271e6f32b5241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
216.58.211.3200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 216.58.211.3:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 08:21:26 GMT
expires: Sat, 17 Feb 2024 08:21:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 20005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c9e6e005454b8541d1c2b06348e59b91
8f7f5ae9386edf53c6dc1cffed0a1d89ebb413cd
92e1518234ecff2b0656e1714f63ff8501eb727addcdcfc5c293a42eef177765
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&ct_cookie_present=1
216.58.207.194 200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&ct_cookie_present=1
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Feb-2023 14:09:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/up/pixie.js
151.101.65.108200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.65.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Fri, 27 Jan 2023 02:11:02 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 17 Feb 2023 13:54:51 GMT
Age: 42187
X-Served-By: cache-lga21930-LGA, cache-bma1654-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 101, 6916
X-Timer: S1676642091.490321,VS0,VE0
Vary: Accept-Encoding
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
expires: Fri, 17 Feb 2023 13:54:51 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
expires: Fri, 17 Feb 2023 13:54:51 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
expires: Fri, 17 Feb 2023 13:54:51 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b617ba367e1ea63751230f57dea54575
e8e5b334030322c32596b4b8ca13688ae94426f5
7a9f17f10e76770dfd7ec9d725225699cf1364ec83f5d0ec077774f388605245
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c9e6e005454b8541d1c2b06348e59b91
8f7f5ae9386edf53c6dc1cffed0a1d89ebb413cd
92e1518234ecff2b0656e1714f63ff8501eb727addcdcfc5c293a42eef177765
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fc63911e4661aa872ac148ba0e622495
8c71e1a1ca7a84edaeda049a242868a603685883
f9801dcdaab6db35dde3127add82844087ebdba6bf3149e4b54946e5e8e234d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=9825057889983;gtm=45He32f0;auiddc=492847991.1676642090;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
expires: Fri, 17 Feb 2023 13:54:51 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1bf3278c2046b4fdb1f775dca9bc8b16
54fa26cf0329818b9878e437a59ddccc8d72d35f
f794ad5a7249fe547829bc49ec42f96270f9de8ce9b17c1581e06c0ff3e9785d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5948
Cache-Control: max-age=159692
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Etag: "63ef3cbb-1d7"
Expires: Sun, 19 Feb 2023 10:16:23 GMT
Last-Modified: Fri, 17 Feb 2023 08:37:15 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f8e34919a45c91c9c24ade6931afd022
388e683ca7de47486837127ab54d6265867443ea
c2ff7fece933be0048e1d6b1b82afec259124974fa63ab86f789981bfcb1eb78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 4311193f1701ae091d50ba2eeabf36be
5c857e688f238adde8e19e470568a05f97a3d93e
021728417b1d75143bbf5bc1e926a50c17bd3ecd910c3090cc9efd03e43ee561
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 17 Feb 2023 13:54:51 GMT
Last-Modified: Fri, 17 Feb 2023 12:16:27 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FRX3epRDLJlkld740SSqXKOen5EezeYJFLsduU9kFFmfvDRRYEHAQA==
Age: 5904
www.google.no/pagead/1p-conversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.35 200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.35:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/undefined/?random=1676642090014&cv=11&fst=1676642090014&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=492847991.1676642090&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lmlenzitrasporti.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 13:54:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c8e9eeefa5d57aae7902f22001cacc91
30a9795bf30ff5c1056f506d866b00535defaeac
22d15f22115215143d2e173bf51e1b694de15e43d86ae46107fed2af7c15eca7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4e2047d0030ab6ef9ef1aa93bc0e225b
6d370262f2ba2ad80b2bc2ce29ca47a4ad0a7134
77d6af824538cdbd9dcd7e62429c5c5f1fa0970c4a8ddc358d0e95d2049b0140
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Feb 2023 13:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1151&prev=ef9abbd6-61c1-d113-a291-3023913dccad&luid=eed2a69c-1e45-7e9b-643a-fbd9f014e8bb&rnd=24013
3.122.28.13 200 OK 34 B URL HTTP/2 6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1151&prev=ef9abbd6-61c1-d113-a291-3023913dccad&luid=eed2a69c-1e45-7e9b-643a-fbd9f014e8bb&rnd=24013
IP 3.122.28.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash a82ba3a9d42148e9cf209df13d8c3f3d
dba80835d31175bdcf0bcad1abafefb06d86e304
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Posten Norge
GET /image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1151&prev=ef9abbd6-61c1-d113-a291-3023913dccad&luid=eed2a69c-1e45-7e9b-643a-fbd9f014e8bb&rnd=24013 HTTP/1.1
Host: 6015663.global.siteimproveanalytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:51 GMT
content-type: image/gif
content-length: 34
set-cookie: AWSALB=lK5dr9ANBnq6dutxKQY7Bkawz5KVrTX9+MDz/HAfLoDVVhpMmAzP5S30/pgC1zA4O3ebM915NVnoo75PrTBbs40Pmtb1sx3qSpwpNfcFHfl927/5B1NlDKmRhBl8; Expires=Fri, 24 Feb 2023 13:54:51 GMT; Path=/
AWSALBCORS=lK5dr9ANBnq6dutxKQY7Bkawz5KVrTX9+MDz/HAfLoDVVhpMmAzP5S30/pgC1zA4O3ebM915NVnoo75PrTBbs40Pmtb1sx3qSpwpNfcFHfl927/5B1NlDKmRhBl8; Expires=Fri, 24 Feb 2023 13:54:51 GMT; Path=/; SameSite=None; Secure
cache-control: max-age=0
expires: Fri, 17 Feb 2023 13:54:51 UTC
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5c646f380041ed1ac1a7ab27727520c
ecdaf9bcfa5f857591fccd16f54508f446a3d17d
365c720e726309a6f71f7867158cd3eac4af6da979f482fb267f877f0824b6ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "365C720E726309A6F71F7867158CD3EAC4AF6DA979F482FB267F877F0824B6BA"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6793
Expires: Fri, 17 Feb 2023 15:48:04 GMT
Date: Fri, 17 Feb 2023 13:54:51 GMT
Connection: keep-alive
ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1676642090774&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090774&if=0
37.252.172.123 200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1676642090774&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090774&if=0
IP 37.252.172.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1676642090774&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090774&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 17 Feb 2023 13:54:51 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1676642090774&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090775&if=0
37.252.172.123 200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1676642090774&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090775&if=0
IP 37.252.172.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1676642090774&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090775&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 17 Feb 2023 13:54:51 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1676642090775&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090776&if=0
37.252.172.123 200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1676642090775&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090776&if=0
IP 37.252.172.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1676642090775&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1676642090774&et=1676642090776&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 17 Feb 2023 13:54:51 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1676642090561&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
13.107.42.14 200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1676642090561&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1676642090561&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: bcookie="v=2&d232446d-3dcc-473f-8a71-7fb6a79812c0"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 17-Feb-2024 13:54:51 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2434:u=1:x=1:i=1676642091:t=1676728491:v=2:sig=AQEhHfFfyEIzJ6Jmy1R-A7QnKj0cKUWT"; Expires=Sat, 18 Feb 2023 13:54:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAX05ahJ3TZTFCbiLoM8iA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 61AE46A0B931410F8CB4E84356AD45D6 Ref B: OSL30EDGE0408 Ref C: 2023-02-17T13:54:51Z
date: Fri, 17 Feb 2023 13:54:51 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1676642091015&sw=1280&sh=1024&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676642091013.477667065&it=1676642090689&coo=false&rqm=GET
157.240.200.35 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1676642091015&sw=1280&sh=1024&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676642091013.477667065&it=1676642090689&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1676642091015&sw=1280&sh=1024&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676642091013.477667065&it=1676642090689&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 17 Feb 2023 13:54:51 GMT
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1676642090574&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:49682866&@b3:1676642091&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w
149.56.240.131 200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1676642090574&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:49682866&@b3:1676642091&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w
IP 149.56.240.131:0
File type ASCII text, with no line terminators
Hash 9cd6ede28cfc6e5ac6d6a8f5da778bf1
00eea7749a59d2d9de93de5277e166649840357e
deb98550d0786ba57242229448ac976dfc908fca9fca55a0a207481d41334da7
GET /stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1676642090574&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:49682866&@b3:1676642091&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 17 Feb 2023 13:54:51 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a21c31f8f5210f5b628c9b281f409240
afdfdd353a8da5d06d15c2c62e8a6a14e6c91c76
daf360f8bd98efd15166c73f888aa7f69453c3b5ff1848f819741ffd183a1965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAF360F8BD98EFD15166C73F888AA7F69453C3B5FF1848F819741FFD183A1965"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6836
Expires: Fri, 17 Feb 2023 15:48:47 GMT
Date: Fri, 17 Feb 2023 13:54:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a21c31f8f5210f5b628c9b281f409240
afdfdd353a8da5d06d15c2c62e8a6a14e6c91c76
daf360f8bd98efd15166c73f888aa7f69453c3b5ff1848f819741ffd183a1965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAF360F8BD98EFD15166C73F888AA7F69453C3B5FF1848F819741FFD183A1965"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6836
Expires: Fri, 17 Feb 2023 15:48:47 GMT
Date: Fri, 17 Feb 2023 13:54:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwK1XWOYMXy8qna9sVCV7q__QKMko9KXa8towbYhIj1EolPbqEuIHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Feb 2023 15:50:12 GMT
age: 79480
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff85c78-1c5e-4e0e-b056-c59edc64e066.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff85c78-1c5e-4e0e-b056-c59edc64e066.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a689195f741507797cbfee1088b6096
7114ea3a2073e2a9356a82611300afb43a44af02
8e304f2e413644bd97225abaf443121aea7a8b1ae5237cfffd8acd0bc9ece258
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff85c78-1c5e-4e0e-b056-c59edc64e066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8683
x-amzn-requestid: 52627a4c-8764-4aa7-9d95-5a364a5c48a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AKaBSGKgoAMFesw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e73d3b-40df63f72db14cab7d4f2e7b;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 07:01:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: knG5uaFviCGKFtYeHBxEV6VPTGJwElhQuruCBPn0mN-iKtITf06_ag==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Feb 2023 00:15:13 GMT
age: 49179
etag: "7114ea3a2073e2a9356a82611300afb43a44af02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2836952b-4531-4fd4-b65f-4b46b34c589e.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2836952b-4531-4fd4-b65f-4b46b34c589e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2eae6226e2383cf7a14956fb5e00973
207870779f0bc576f842c3444c8a36cfb83827e7
1339bb05cf778cda51646dff372080356ec3d215ebe59fe8a8c3478422fe16ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2836952b-4531-4fd4-b65f-4b46b34c589e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6975
x-amzn-requestid: a51f7d5f-b9f5-45ad-a864-fcf92ee45a09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AHHalERAoAMFZRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e5ec43-2aa1297878995458524758f3;Sampled=0
x-amzn-remapped-date: Fri, 10 Feb 2023 07:03:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JbtPJs7uVnoMc8WtfcO85KEK8e8c439tQuWcGzILuYVC0-LCOS84DA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Feb 2023 22:18:33 GMT
age: 56179
etag: "207870779f0bc576f842c3444c8a36cfb83827e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4748156e-3671-4964-bccd-dcff5a4dcabd.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4748156e-3671-4964-bccd-dcff5a4dcabd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f696a6d6b899ea990863fd3f6cef50b
15ed196a642a4e767c5527ec92e346109632fbbb
afd3a83fffd1b1d3df4c95632b78508e6509e369fea66b3e78cca1db1dd97d92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4748156e-3671-4964-bccd-dcff5a4dcabd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 9cd0762a-003f-45fd-ad59-2cb9d1c9a1e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ac4-lESQIAMFlhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eea1f6-22c2261c4bdfab1d44a07164;Sampled=0
x-amzn-remapped-date: Thu, 16 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3a6crVzn1im5K9oMA5RqaEIjX2vluZ5yCcIkAfTUTB0cluzbzJbTGA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Feb 2023 21:53:13 GMT
age: 57699
etag: "15ed196a642a4e767c5527ec92e346109632fbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7840d7de-9548-4fc6-97b8-8f5af718cc5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7840d7de-9548-4fc6-97b8-8f5af718cc5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ed56061e371e2163c8ff504a3b5bd2a
e337c3263d41c1605b2ea4f78c507a1ee730b0f4
fafce9ccbddf16f92f386fb1bb9d29c078618f85fb7bb23ed4f4687f8aa4242b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7840d7de-9548-4fc6-97b8-8f5af718cc5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12174
x-amzn-requestid: a37ded49-6b05-4236-830f-34c498e7b3fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AP-HEGcHoAMFR-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e976f9-3786bcc94a3da2b20cc92ca3;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 23:32:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BbGasX05lf87Z_FlXXsC_1MblqxA663fIg6WrunSGlDhq-T2cT46Dw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Feb 2023 21:51:33 GMT
age: 57799
etag: "e337c3263d41c1605b2ea4f78c507a1ee730b0f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff32076f9-7699-4060-8c4f-8ca2cdd454e2.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff32076f9-7699-4060-8c4f-8ca2cdd454e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 043c29f528f5414d1e280640e7bd6d79
5006aea566216e56530d02f3133b5eb0d15fd1a5
01c099af56ff9d26301d66f1bca427d41c7096ec687551b656edac95b0520e4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff32076f9-7699-4060-8c4f-8ca2cdd454e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8813
x-amzn-requestid: 510cb459-2870-46eb-9c53-da577d62f83c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AdPCKEggoAMF3vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eec540-23f553c202ad097f53c58dc4;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 00:07:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-Wi5siD9pPdWz8E84A8TeiWrgMnHr-3IiQuPjp2zz6RpCHSxUX09A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Feb 2023 00:45:51 GMT
age: 47341
etag: "5006aea566216e56530d02f3133b5eb0d15fd1a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans:400,700
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700
IP 142.250.74.138:0
GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 17 Feb 2023 13:54:49 GMT
date: Fri, 17 Feb 2023 13:54:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
176.31.232.62 200 OK 0 B URL HTTP/2 cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
IP 176.31.232.62:0
GET /static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:49 GMT
content-type: text/css
last-modified: Thu, 18 Oct 2018 11:43:16 GMT
vary: Accept-Encoding
etag: W/"5bc871d4-8ef7"
server: rebelio-n1
expires: Sat, 17 Feb 2024 13:54:49 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
posten.boost.ai/chatPanel/chatPanel.js
63.32.138.97 200 OK 0 B URL HTTP/2 posten.boost.ai/chatPanel/chatPanel.js
IP 63.32.138.97:0
GET /chatPanel/chatPanel.js HTTP/1.1
Host: posten.boost.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 17 Feb 2023 13:54:50 GMT
content-type: application/javascript
server: Apache
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=94608000; includeSubDomains
access-control-max-age: 600
access-control-allow-headers: origin, content-type, accept, x-csrf-token, X-Requested-With, Access-Control-Request-Method, Access-Control-Request-Headers, X-CSRF-TOKEN, X-XSRF-TOKEN, X-XHR-Logon, x-ms-client-application-name, x-ms-client-request-id, x-ms-client-session-id, x-ms-effective-locale
x-robots-tag: noindex
last-modified: Fri, 17 Feb 2023 13:15:53 GMT
etag: "ba81d-5f4e51ce96afd-gzip"
accept-ranges: bytes
cache-control: max-age=600
expires: Fri, 17 Feb 2023 14:04:50 GMT
vary: Accept-Encoding,Origin
content-encoding: gzip
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2