r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8959
Expires: Tue, 13 Sep 2022 06:11:32 GMT
Date: Tue, 13 Sep 2022 03:42:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 03:08:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xi1P-Fqg2jSE9sgfz-5Gmlu0T9fEnoaCBN9J19QHDMa1Bg2ehG6xAA==
Age: 2014
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mOHWjo1dNDre1HbPmyOoTvzeT4klSdmCS1jn2iunASt2ZZbsg7QSKQ==
age: 73502
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:42:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 03:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:59:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pPL_HRvSFovM-g3kYV6Wm7Lg7TxKY8JangChkLRhZfg17qazSo7otQ==
Age: 2332
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5972
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:42:14 GMT
Last-Modified: Tue, 13 Sep 2022 02:02:42 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.228.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Os5QInLqUouaorhQxusAmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eYT6hVgi4W2atA6rW+iCWDdLMO0=
fonts.googleapis.com/css?family=Gilda%2BDisplay%7CRoboto%3A300%2C400%2C700&ver=1.0.0
142.250.74.10200 OK 644 B URL HTTP/1.1 fonts.googleapis.com/css?family=Gilda%2BDisplay%7CRoboto%3A300%2C400%2C700&ver=1.0.0
IP 142.250.74.10:0
Hash c37220772084d5de0fc7e880519f74c5
f7b165990f075bc6703a8844ef9827bd75eed087
98c106f2ec5866f93b1b4359063ed89572a650e2e4026e88f99e391d465468fa
GET /css?family=Gilda%2BDisplay%7CRoboto%3A300%2C400%2C700&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 13 Sep 2022 03:42:15 GMT
Date: Tue, 13 Sep 2022 03:42:15 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Gilda+Display&ver=4.9.21
142.250.74.10200 OK 348 B URL HTTP/1.1 fonts.googleapis.com/css?family=Gilda+Display&ver=4.9.21
IP 142.250.74.10:0
Hash 804cbbcb6e3a4c8fcca3970249e3bf64
5fd636f5520d543c8629a898abc23f5bbf205ecb
2710deb218bae945f07bf03d2a3cc40e5fb6331ab27f43797306de7f0b403b7c
GET /css?family=Gilda+Display&ver=4.9.21 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 13 Sep 2022 03:42:15 GMT
Date: Tue, 13 Sep 2022 03:42:15 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700&ver=4.9.21
142.250.74.10200 OK 644 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700&ver=4.9.21
IP 142.250.74.10:0
Hash c37220772084d5de0fc7e880519f74c5
f7b165990f075bc6703a8844ef9827bd75eed087
98c106f2ec5866f93b1b4359063ed89572a650e2e4026e88f99e391d465468fa
GET /css?family=Roboto%3A300%2C400%2C700&ver=4.9.21 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 13 Sep 2022 03:42:15 GMT
Date: Tue, 13 Sep 2022 03:42:15 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
81.88.48.78200 OK 58 kB URL HTTP/1.1 hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2685), with CRLF, LF line terminators
Hash 73d37849902dad2148a5951e35cdabe0
642c41632f5a040f3a3c5699bc73cc48d3ca8a2c
c4406c7715984080e91eedcfae8c32a82ca747f608748465b0421e17c51e49f9
Analyzer Verdict Alert fortinet Phishing
GET /2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/ HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:13 GMT
Server: Apache
Link: <http://hotelthequeen.it/wp-json/>; rel="https://api.w.org/", <http://hotelthequeen.it/?p=26564>; rel=shortlink
Content-Type: text/html; charset=UTF-8
Content-Language: it
Connection: close
Transfer-Encoding: chunked
hotelthequeen.it/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.5
81.88.48.78200 OK 1.7 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.5
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
Hash 5ad1cfa3f5175f627385651790ed0bbd
7a06ac744a748ce4c315c798614d6d0068596cc4
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.5 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Wed, 20 Nov 2019 10:58:47 GMT
Accept-Ranges: bytes
Content-Length: 1685
Connection: close
Content-Type: text/css
Content-Language: it
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7faa6a78f896de4528c8cc9ed35bfa11
199ad87495595163d7d16b1eddb9506c8ddb4918
7effc4afbb7417799d0ecbb32fce2a94cba732e488fd4ce81ba5a77f4d7c13ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:42:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotelthequeen.it/wp-content/plugins/nd-booking/assets/css/style.css?ver=4.9.21
81.88.48.78200 OK 25 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/nd-booking/assets/css/style.css?ver=4.9.21
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
Hash c9f21abe183fead10275a9043c47dd9a
9c73a38c6bdf7a062975b09fd460dfe7820ef6fa
b4e42855d7b4af4da50f00358831cdbabbe9016d20f165a4b43e2e7465e6fa04
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-booking/assets/css/style.css?ver=4.9.21 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Wed, 20 Nov 2019 10:58:31 GMT
Accept-Ranges: bytes
Content-Length: 24816
Connection: close
Content-Type: text/css
Content-Language: it
hotelthequeen.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.3.1
81.88.48.78200 OK 30 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.3.1
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (29701), with CRLF line terminators
Hash c4ce361995ff4e22f22c79d0ead65f35
2d07f0f1b10bef9b90540bb14181c019b0a32c2e
b0b1b6ccfa5a09e69e2e1e89777043a637e23f5b9aecc0a3a86e04495804b239
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.3.1 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:55:55 GMT
Accept-Ranges: bytes
Content-Length: 30072
Connection: close
Content-Type: text/css
Content-Language: it
www.google.com/recaptcha/api.js?render=6LeQ9vwZAAAAACt2UMQFu4LLDhRE-WEBMVyKJr8B&ver=3.0
142.250.74.164200 OK 588 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeQ9vwZAAAAACt2UMQFu4LLDhRE-WEBMVyKJr8B&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 90674d0f01c18b21fc29613b19264722
c19eaf16c910f4e6b74895db28bd993de7d4c416
f00764c15a2b784429cf8ec1bd3fcbe1a728e40a34d561de55615d1c4ce8c741
GET /recaptcha/api.js?render=6LeQ9vwZAAAAACt2UMQFu4LLDhRE-WEBMVyKJr8B&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hotelthequeen.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 13 Sep 2022 03:42:15 GMT
date: Tue, 13 Sep 2022 03:42:15 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 588
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hotelthequeen.it/wp-content/plugins/nd-shortcodes/css/style.css?ver=4.9.21
81.88.48.78200 OK 42 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/nd-shortcodes/css/style.css?ver=4.9.21
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (309)
Hash 882f7da09276ad38383b6227f3c83959
e3d7281ae5a5c3e6e971c1fd9d620be954ab2ee6
01064ec8246c1e05a8b12a9177f43ec66037d1a70eb18e91ace6a04a1afd42d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-shortcodes/css/style.css?ver=4.9.21 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:55:01 GMT
Accept-Ranges: bytes
Content-Length: 41812
Connection: close
Content-Type: text/css
Content-Language: it
hotelthequeen.it/wp-content/themes/hotelbooking/style.css?ver=4.9.21
81.88.48.78200 OK 45 kB URL HTTP/1.1 hotelthequeen.it/wp-content/themes/hotelbooking/style.css?ver=4.9.21
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (301)
Hash 1e8c8cc233b904a28e3b48b9d8c74df8
cfa36b3be72cf94da89f42d92dfc64d355547348
c1f07fbf0c12465c0c957ee2b26dace1d016373a5437f4d11c79a8158aff4acf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hotelbooking/style.css?ver=4.9.21 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:30:27 GMT
Accept-Ranges: bytes
Content-Length: 44666
Connection: close
Content-Type: text/css
Content-Language: it
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:42:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotelthequeen.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
81.88.48.78200 OK 10 kB URL HTTP/1.1 hotelthequeen.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 12:23:02 GMT
Accept-Ranges: bytes
Content-Length: 10056
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-includes/js/wp-emoji-release.min.js?ver=4.9.21
81.88.48.78200 OK 12 kB URL HTTP/1.1 hotelthequeen.it/wp-includes/js/wp-emoji-release.min.js?ver=4.9.21
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (9063)
Hash fe0575b66568074463f12485d90f6d4c
aeedd9ab3b7874e63f647042963cb1301a38b391
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.21 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:14:42 GMT
Accept-Ranges: bytes
Content-Length: 11943
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
81.88.48.78200 OK 97 kB URL HTTP/1.1 hotelthequeen.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (31997)
Hash dc5ba5044fccc0297be7b262ce669a7c
f137ff98ae379e35b0702967d3b6866a0a40e3be
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Wed, 20 Nov 2019 10:08:11 GMT
Accept-Ranges: bytes
Content-Length: 96874
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-includes/js/comment-reply.min.js?ver=4.9.21
81.88.48.78200 OK 1.1 kB URL HTTP/1.1 hotelthequeen.it/wp-includes/js/comment-reply.min.js?ver=4.9.21
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1076), with no line terminators
Hash 9ef21a469fc37e845d6303fcfea70897
a86ec94ec7bee9227bcdf8d6374cabe82ae43e49
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=4.9.21 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:14:41 GMT
Accept-Ranges: bytes
Content-Length: 1076
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.5
81.88.48.78200 OK 14 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.5
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.5 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Wed, 20 Nov 2019 10:58:47 GMT
Accept-Ranges: bytes
Content-Length: 14440
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.6.3.1
81.88.48.78200 OK 65 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.6.3.1
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (64455), with CRLF line terminators
Hash ea632fb18aac2217265de8d583284476
ea93c8af55049ccc41a02878b9c40303b317423f
5c66c3c106dc8c518f76ddf6921166fbbbd755b7c5586adc4f9171db0a7eb3df
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.6.3.1 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:55:55 GMT
Accept-Ranges: bytes
Content-Length: 64792
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-includes/js/wp-embed.min.js?ver=4.9.21
81.88.48.78200 OK 1.4 kB URL HTTP/1.1 hotelthequeen.it/wp-includes/js/wp-embed.min.js?ver=4.9.21
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
GET /wp-includes/js/wp-embed.min.js?ver=4.9.21 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:14:42 GMT
Accept-Ranges: bytes
Content-Length: 1391
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-content/themes/hotelbooking/js/nicdark_navigation.js?ver=4.9.21
81.88.48.78200 OK 431 B URL HTTP/1.1 hotelthequeen.it/wp-content/themes/hotelbooking/js/nicdark_navigation.js?ver=4.9.21
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
Hash 9962e87d921f70cd8af893e738cbbe0f
ff957d68caea199192d3339c4aaa587201a184ff
fe81f92af2dbe3fdd89e2cc5658108d69a7d12fbbfec12e617f735c3de606601
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hotelbooking/js/nicdark_navigation.js?ver=4.9.21 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:30:24 GMT
Accept-Ranges: bytes
Content-Length: 431
Connection: close
Content-Type: application/javascript
Content-Language: it
hotelthequeen.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.3.1
81.88.48.78200 OK 111 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.3.1
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (27287), with CRLF line terminators
Size 111 kB (110563 bytes)
Hash a748a9e56b2c639013c770506f1fd529
537edd9b364ac005df2d1c57be873945b2fecdf6
6eabb193731278713f4208ea84b8c7334c3dfc98f01cb074778280e1df536e62
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.3.1 HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:55:55 GMT
Accept-Ranges: bytes
Content-Length: 110563
Connection: close
Content-Type: application/javascript
Content-Language: it
www.nero.com/img/N8SS-232x178-enu.png
104.18.9.4301 Moved Permanently 0 B URL HTTP/1.1 www.nero.com/img/N8SS-232x178-enu.png
IP 104.18.9.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: www.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
CF-Cache-Status: MISS
Expires: Tue, 13 Sep 2022 07:42:15 GMT
Cache-Control: public, max-age=14400
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749ddf33f897b529-OSL
www.hotelthequeen.it/wp-content/uploads/2017/09/icon-3.png
81.88.48.78200 OK 3.4 kB URL HTTP/1.1 www.hotelthequeen.it/wp-content/uploads/2017/09/icon-3.png
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type PNG image data, 110 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 701c80e830443bf93d2a47b101efd107
855d2ec2b45efc3806e2dc9866243e50dabd6e4e
f399c4b2ad9d16512494a69235ef052f53bffbc693e9064efce09161a6aa4018
GET /wp-content/uploads/2017/09/icon-3.png HTTP/1.1
Host: www.hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Fri, 22 Dec 2017 15:37:21 GMT
Accept-Ranges: bytes
Content-Length: 3429
Connection: close
Content-Type: image/png
Content-Language: it
fonts.gstatic.com/s/gildadisplay/v13/t5tmIRoYMoaYG0WEOh7HwMeR3T7Prw.woff2
142.250.74.163200 OK 11 kB URL HTTP/1.1 fonts.gstatic.com/s/gildadisplay/v13/t5tmIRoYMoaYG0WEOh7HwMeR3T7Prw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11140, version 1.0\012- data
Hash 3503694f86f9ccdc14f6d2a3eedb6dde
7c701512c71cb068daa744a6076bfa7ed836c219
dae6d65a690769479a27b458a336a22572a371c90b34f00aea1e2503fbe63c45
GET /s/gildadisplay/v13/t5tmIRoYMoaYG0WEOh7HwMeR3T7Prw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hotelthequeen.it
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11140
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Sep 2022 01:53:37 GMT
Expires: Fri, 08 Sep 2023 01:53:37 GMT
Cache-Control: public, max-age=31536000
Age: 438518
Last-Modified: Thu, 21 Apr 2022 17:14:25 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hotelthequeen.it
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 22:09:09 GMT
Expires: Thu, 07 Sep 2023 22:09:09 GMT
Cache-Control: public, max-age=31536000
Age: 451986
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hotelthequeen.it
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 20:15:31 GMT
Expires: Thu, 07 Sep 2023 20:15:31 GMT
Cache-Control: public, max-age=31536000
Age: 458804
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
hotelthequeen.it/wp-content/uploads/2017/09/hotel-logo.png
81.88.48.78200 OK 12 kB URL HTTP/1.1 hotelthequeen.it/wp-content/uploads/2017/09/hotel-logo.png
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type PNG image data, 383 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b75fe554b15bf1fc1fd5b5a2b1068de
e0a44a16b16646cf3d13ecd28db1b495c78bb72c
d26f3a8720be8ad607fba40f0596bdf805d551d1055d7a754e677ef9004ec0ee
GET /wp-content/uploads/2017/09/hotel-logo.png HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Fri, 22 Dec 2017 11:56:23 GMT
Accept-Ranges: bytes
Content-Length: 11593
Connection: close
Content-Type: image/png
Content-Language: it
hotelthequeen.it/wp-content/uploads/2017/08/partners.png
81.88.48.78200 OK 8.2 kB URL HTTP/1.1 hotelthequeen.it/wp-content/uploads/2017/08/partners.png
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type PNG image data, 600 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a87667679bce29bdc550b2bd50f0cb2
03fc3bb5567c1760c619bee71c6276a504cda308
d13d2eaef6610a218afffcbc43effdecfff2d20d483726caf83370d5fcd1e37c
GET /wp-content/uploads/2017/08/partners.png HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Fri, 22 Dec 2017 19:14:18 GMT
Accept-Ranges: bytes
Content-Length: 8163
Connection: close
Content-Type: image/png
Content-Language: it
www.hotelthequeen.it/wp-content/uploads/2017/09/icon-2.png
81.88.48.78200 OK 4.5 kB URL HTTP/1.1 www.hotelthequeen.it/wp-content/uploads/2017/09/icon-2.png
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type PNG image data, 100 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 0888249214f193a88597f38e887a5d4c
1a3bc7b9569d6c44c846eef5802b8b83884d77c3
c7d2cebc6bfda34bc5ec0a98f6d9d36eb6469cbba41d2c21dda62f89c1fc5836
GET /wp-content/uploads/2017/09/icon-2.png HTTP/1.1
Host: www.hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Fri, 22 Dec 2017 15:41:47 GMT
Accept-Ranges: bytes
Content-Length: 4486
Connection: close
Content-Type: image/png
Content-Language: it
hotelthequeen.it/wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-close-white.svg
81.88.48.78200 OK 1.3 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-close-white.svg
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (406)
Hash ead518e9aea11525aeafd91c71cb909f
414eaa7e0beec25ae3719a5b4ee17f266dabad5e
791ad507c4e8155b7f226e00444be1dddb2de7829a16130b3542b99dd252539d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-shortcodes/addons/customizer/header/header-2/img/icon-close-white.svg HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:55:00 GMT
Accept-Ranges: bytes
Content-Length: 1325
Connection: close
Content-Type: image/svg+xml
Content-Language: it
hotelthequeen.it/wp-content/plugins/nd-shortcodes/addons/customizer/header/img/icon-menu.svg
81.88.48.78200 OK 2.5 kB URL HTTP/1.1 hotelthequeen.it/wp-content/plugins/nd-shortcodes/addons/customizer/header/img/icon-menu.svg
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 1cb93f3a203b74cad5ee4e81c51dafd1
9601628c7e8bfd1a85c306a837fcf158e4079c8f
a96125847ebc1b0e686e133c1407f4779d91d751158c77f3854e7fa7ff8488f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nd-shortcodes/addons/customizer/header/img/icon-menu.svg HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Last-Modified: Thu, 21 Dec 2017 16:55:00 GMT
Accept-Ranges: bytes
Content-Length: 2499
Connection: close
Content-Type: image/svg+xml
Content-Language: it
s.w.org/images/core/emoji/11/svg/2714.svg
192.0.77.48200 OK 361 B URL HTTP/2 s.w.org/images/core/emoji/11/svg/2714.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (361), with no line terminators
Hash 6169d7aaaa9ad19a6c4fa97571e6d820
6aa3a1c92f9005a8bec0dbc9d45b08f7941c175a
b44d972368ad73f992d7573c043409735debeda63bc994ab6818023bc4ac6212
GET /images/core/emoji/11/svg/2714.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hotelthequeen.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:42:15 GMT
content-type: image/svg+xml
content-length: 361
last-modified: Fri, 08 Jun 2018 13:09:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:42:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
142.250.74.163200 OK 157 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (539)
Size 157 kB (157166 bytes)
Hash 026df0dfed2314af108e700900288961
51c2a55bca7d65c549ef138d1294cac2aa98dd96
24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34
GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hotelthequeen.it
Connection: keep-alive
Referer: http://hotelthequeen.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:23:20 GMT
expires: Wed, 06 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
age: 555535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:42:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotelthequeen.it/favicon.ico
81.88.48.78200 OK 0 B URL HTTP/1.1 hotelthequeen.it/favicon.ico
IP 81.88.48.78:0
ASN #39729 Register S.p.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: hotelthequeen.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotelthequeen.it/2022/06/13/nero-8-3-2-1-micro-express-and-burning-rom-free-download-hot/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:15 GMT
Server: Apache
Content-Length: 0
Content-Type: image/vnd.microsoft.icon
Content-Language: it
Connection: close
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash e6eb707148d1311ace36a0c0626d0f88
015cc230213a8fb445fdaf3753875262a4a8029a
5c1cc71f59979be8cd7750d3ef9c9bc73f4692a8072f587dc31d8e97583fa958
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:42:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 17 Sep 2022 02:36:08 GMT
ETag: "015cc230213a8fb445fdaf3753875262a4a8029a"
Last-Modified: Tue, 13 Sep 2022 02:36:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749ddf353976b50c-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7179
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:42:16 GMT
Connection: keep-alive
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7179
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:42:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 21596
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F909eacf9-8e5f-4cbb-aa74-803702af05cc.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F909eacf9-8e5f-4cbb-aa74-803702af05cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72d299fa183dd450fc6a065c6705d8f8
b92938c3202d126a14c2b5188a10bff2a6e5cdbb
33e34e0f624b1a8e1a502ce9087b507f631a3debe0c7c5e62ba528114b1e0cd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F909eacf9-8e5f-4cbb-aa74-803702af05cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7170
x-amzn-requestid: 00af58fc-9faf-4c4e-8650-f9f7013a0708
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbw2HqjoAMFjVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa66b-42d241ad62d240b10368efb1;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kAm2lSbfhZhc3XsnfvKU_d28fL7ypPC7ISNjubXKtO-ap17kCF4b_g==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:47 GMT
age: 20789
etag: "b92938c3202d126a14c2b5188a10bff2a6e5cdbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jj0LCxD4MdspTSEvLVsUaEbdNjjae7G-gogDBKtx1IE9VZauS4BblQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:11:59 GMT
age: 16217
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda5e1411-5276-4254-9490-1dc24d94cd9a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda5e1411-5276-4254-9490-1dc24d94cd9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46c11754fe0f66d111da0b85ff502bbe
3c2c129525a73a55868ef73a3c4d177a06aa4f2b
e68f7a549886f1c3ded28bc64e2fcc179a0a46ff66703e8af840618a67f543a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda5e1411-5276-4254-9490-1dc24d94cd9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11011
x-amzn-requestid: eceb4fab-9ffa-46cf-839f-164a95d667e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBDBRGHIoAMFpyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316b207-554ff6d524ded7b75eb1a17a;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 02:35:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bxMT53jzfdVFbbAsN2Lfi9b1bxz8KgNFRpH7Q5hYcOZ6tbIThTywIg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:22:02 GMT
age: 84014
etag: "3c2c129525a73a55868ef73a3c4d177a06aa4f2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 019416755742a78ddf35671ba5eaccc7
ec2e96359ef3a236514cab21af80ea5b9420e9c3
a6b0e0ec56c2ce2f94dae8032e0deb297236c35f7a8928a14a254e3fdb2a255a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10245
x-amzn-requestid: 25331636-a1cd-4ceb-84cc-fd85cfd8a861
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG23AGLIoAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631904f9-6fbb23ec3dc9d55e344bc6d7;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 20:54:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UkNBQ0iwXl3OWeO5PDgT_DgkaU5q6jqSorpyircPEtEW2f--bWHqlg==
via: 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:17:40 GMT
age: 19476
etag: "ec2e96359ef3a236514cab21af80ea5b9420e9c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:19 GMT
age: 20757
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 227418
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 00:48:31 GMT
expires: Sat, 09 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 356025
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:16 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
web2.nero.com/img/N8SS-232x178-enu.png
193.24.239.210301 Moved Permanently 0 B URL HTTP/1.1 web2.nero.com/img/N8SS-232x178-enu.png
IP 193.24.239.210:0
ASN #31276 Insoft EDV-Systeme und Handelsgesellschaft mbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/N8SS-232x178-enu.png HTTP/1.1
Host: web2.nero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotelthequeen.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 03:42:17 GMT
Server: Apache/2.4.38 (Debian)
Location: https://web2.nero.com/img/N8SS-232x178-enu.png
Content-Length: 0
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8