Overview

URLftp.info-nexi-key.myddns.com/
IP 45.125.66.70 (Lithuania)
ASN#133398 Tele Asia Limited
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-02 04:48:39 UTC
StatusLoading report..
IDS alerts0
Blocklist alert0
urlquery alerts
2
DynDNS domain detected
Tags None

Domain Summary (30)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-01 23:50:12 UTC 143.204.55.36
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-01 04:48:38 UTC 34.117.237.239
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-01 21:59:24 UTC 93.184.220.29
assets.adobedtm.com (2) 512 2014-01-28 04:51:35 UTC 2022-09-01 04:51:22 UTC 23.38.200.237
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-01 20:33:55 UTC 216.239.38.178
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-01 15:19:00 UTC 34.120.237.76
www.nexi.it (30) 495401 2017-11-13 14:01:19 UTC 2022-09-01 16:48:51 UTC 185.198.118.126
dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-09-02 04:09:29 UTC 54.154.199.204
privati.nexi.it (2) 0 2017-11-13 13:25:59 UTC 2022-09-01 11:36:43 UTC 185.198.117.136 Domain (nexi.it) ranked at: 234503
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-01 04:51:03 UTC 143.204.55.49
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-09-02 01:43:24 UTC 143.204.55.46
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-01 06:02:45 UTC 142.250.74.3
ftp.info-nexi-key.myddns.com (1) 0 2022-08-30 10:18:42 UTC 2022-09-01 22:12:50 UTC 45.125.66.70 Domain (myddns.com) ranked at: 396550
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-01 04:47:54 UTC 23.36.76.226
nexipayments.demdex.net (1) 853055 2021-09-01 12:05:55 UTC 2022-09-02 02:22:36 UTC 54.154.32.144
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-02 00:29:13 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-09-02 01:09:03 UTC 143.204.55.20
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2022-09-01 04:52:38 UTC 54.230.111.66
nexipayments.sc.omtrdc.net (1) 0 2021-09-01 12:05:55 UTC 2022-09-01 05:18:54 UTC 15.236.176.210 Domain (omtrdc.net) ranked at: 485
stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-01 04:48:37 UTC 64.233.163.155
www.cloudflare.com (1) 6775 2019-03-21 22:03:36 UTC 2022-09-01 07:36:56 UTC 104.16.123.96
ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-01 05:09:52 UTC 104.18.20.226
ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-09-01 04:47:53 UTC 142.250.74.3
www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-01 04:53:56 UTC 142.250.74.72
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-01 05:02:14 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
www.google.com (1) 7 2017-01-29 11:48:58 UTC 2022-09-02 00:00:00 UTC 142.250.74.164
cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-09-01 05:07:12 UTC 52.215.243.107
fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-01 04:49:08 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
nexipayments.tt.omtrdc.net (1) 838171 2021-09-01 09:43:51 UTC 2022-09-01 05:18:55 UTC 34.248.44.21

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.125.66.70
Date UQ / IDS / BL URL IP
2022-09-02 20:06:42 +0000 39 - 0 - 56 nexipaymobilekey.dns04.com/ 45.125.66.70
2022-09-02 18:54:27 +0000 39 - 0 - 61 info-pay-nexi-key.port25.biz/ 45.125.66.70
2022-09-02 08:44:55 +0000 2 - 0 - 1 ftp.info-pay-nexi-key.port25.biz/ 45.125.66.70
2022-09-02 08:36:31 +0000 2 - 0 - 0 app-utente.ddns.ms/ 45.125.66.70
2022-09-02 04:48:39 +0000 2 - 0 - 0 ftp.info-nexi-key.myddns.com/ 45.125.66.70


Last 5 reports on ASN: Tele Asia Limited
Date UQ / IDS / BL URL IP
2023-01-28 08:26:34 +0000 0 - 2 - 3 enhanced-google.com/lod/xlsrd.cpl 103.253.43.209
2023-01-28 08:26:31 +0000 0 - 1 - 3 enhanced-google.com/lod/Y6F8h5 103.253.43.209
2023-01-28 08:26:28 +0000 0 - 1 - 3 enhanced-google.com/lod/WindowsInstallationAs (...) 103.253.43.209
2023-01-28 08:26:27 +0000 0 - 1 - 3 enhanced-google.com/lod/lastsst.exe 103.253.43.209
2023-01-28 08:26:27 +0000 0 - 1 - 3 enhanced-google.com/lod/enti.cpl 103.253.43.209


Last 5 reports on domain: myddns.com
Date UQ / IDS / BL URL IP
2023-01-14 05:33:00 +0000 0 - 4 - 0 usbank-access.myddns.com/ 178.128.219.210
2022-11-24 19:27:29 +0000 12 - 0 - 0 auth00secure001124.myddns.com/account/index 198.204.229.178
2022-11-09 22:53:58 +0000 13 - 0 - 0 www.auth-secure087.myddns.com/ 198.204.229.178
2022-11-02 07:40:01 +0000 13 - 0 - 0 vpnamn.myddns.com/helpdesk/Login/LogOn 116.193.175.49
2022-10-05 19:25:09 +0000 3 - 0 - 0 autho01.myddns.com/login.php?online_id=7f7bad (...) 13.92.135.141


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-09-13 20:19:01 +0000 2 - 0 - 2 login-utente.gettrials.com/ 45.125.66.85
2022-09-02 08:44:55 +0000 2 - 0 - 1 ftp.info-pay-nexi-key.port25.biz/ 45.125.66.70
2022-09-02 08:36:31 +0000 2 - 0 - 0 app-utente.ddns.ms/ 45.125.66.70
2022-09-02 04:47:18 +0000 2 - 0 - 0 app-utente.ddns.ms/ 45.125.66.70
2022-09-02 02:22:46 +0000 2 - 0 - 1 my-nexi-pay.mypop3.org/ 45.125.66.70

JavaScript

Executed Scripts (24)

Executed Evals (91)
#1 JavaScript::Eval (size: 112) - SHA256: e59b7d949be06356ede4016cb8e9c3ac86f9c24a882ea9221b2e1b7f01161dd3
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(22)(google_tag_manager["GTM-MVCHKSD"].macro(23))
})();
#2 JavaScript::Eval (size: 5508) - SHA256: 7037619e1686629abd988876f473219e50aa24cc261105be9bb5f41ac6ca5447
(function() {
    var a = "3ds.abanca.com 3ds.alfabank.by 3ds.altynbank.kz 3ds.bankrbk.kz 3ds.borica.bg 3ds.bov.com 3ds.cafis-paynet.jp 3ds.cardservices.center 3ds.cathaybk.com.tw 3ds.consorsfinanz.de 3ds.egcp.com 3ds.kombank.com 3ds.kredobank.com.ua 3ds.open.ru 3ds.oschadbank.ua 3ds.payment.ru 3ds.priorbank.by 3ds.qnb.com 3ds.rpc-raiffeisen.com 3ds.sdm.ru 3ds.sia.eu 3ds.vinea.es 3ds.zenit.ru 3ds2.checkout.com 3ds2.open.ru 3ds2.ukrsibbank.com 3ds2-idcheck.acdcproc.com 3ds2-visasecure.acdcproc.com 3ds-a.live.ext.prod.enfuce.com 3ds-b.live.ext.prod.enfuce.com 3dsec.cardcenter.ch 3dsec.postfinance.ch 3dsecure.bcc.kz 3dsecure.bnpparibas.pl 3dsecure.cartasi.it 3dsecure.cartasi.it 3dsecure.cgbchina.com.cn 3dsecure.csas.cz 3dsecure.fr.ing.com 3dsecure.ing.ro 3dsecure.mbank.cz 3dsecure.mbank.pl 3dsecure.mbank.sk 3dsecure.pl.ing.com 3dsecure.psa.at 3dsecure.qiib.com.qa 3dsecure.raiffeisen.al 3dsecure.raiffeisenbank.rs 3dsecure.s-id-check-sparkassen.de 3dsecure.slsp.sk 3dsecure.tatrabanka.sk 3dsecure.unibank.az 3dsecure.yoomoney.ru 3dsecure.zen.com 3dsecure-1.wirecard.com 3dsecure2.credit-agricole.pl 3dsecure2.csas.cz 3dsecure2.halykbank.kz 3dsecure2.optimabank.kg 3dsecure2.vietcombank.com.vn 3dsecure-2.wirecard.com 3dsecure-korporacje.mbank.pl 3dsecure-vrp.de 3ds-hanseaticbank.de 3ds-n1.nbg.gr 3ds-n2.nbg.gr 3ds-n3.nbg.gr 3dsp2v.vtb.ru 3ds-pay.sberbank.kz 3dspayment.easybank.at 3dspayment.paylife.at 3dss.hpb.hr 3ds-secure.cardcomplete.com 3dssg.ocbc.com 78zd31yuezqzy5wkjtunafdwmtjee7.3dspx.bankcheckcode.com 79qjdkcsa7suimmizvre3tmjgwpqun.3dspx.bankcheckcode.com acs.3dsecure.az acs.ababank.com acs.airplus.com acs.alfabank.kiev.ua acs.alfabank.ru acs.bccard.com acs.bspb.ru acs.capitalone.com acs.cardpay.com acs.centrinvest.ru acs.creditdnepr.com acs.cupdata.com acs.eximb.com acs.fio.cz acs.fssnet.co.in acs.fuib.com acs.hanacard.co.kr acs.kapital24.uz acs.luminorgroup.com acs.mashreq.com acs.mercurypaymentservices.it acs.netsgroup.com acs.paymaya.com acs.redbanc.cl acs.rsb.ru acs.shinhancard.com acs.sia.eu acs.sibs.pt acs.spdb.com.cn acs.swisscard.ch acs.tbcbank.ge acs.touch.tech acs.upc.ua acs.wooricard.com acs1.3ds.modirum.com acs1.3dsecure.no acs1.edb.com acs1.sbrf.ru acs1.viseca.ch acs1-3dsecure.cic.fr acs1-3dsecure.cm-cic.com acs1-3dsecure.creditmutuel.fr acs1-3dsecure.targobank.de acs2.agillitas.com.br acs2.arca.am acs2.bgpb.by acs2.bspb.ru acs2.creditcard.ecitic.com acs2.edb.com acs2.gpesecure.com acs2.libertybank.ge acs2.nbu.uz acs2.nedsecure.co.za acs2.quipu.de acs2.rba.hr acs2.sbrf.ru acs2.six-payment-services.com acs2.uralsib.ru acs2-3dsecure.cic.fr acs2-3dsecure.cm-cic.com acs2-3dsecure.creditmutuel.fr acs2-3dsecure.targobank.de acs2c.ukrcard.com.ua acs2-concord.procard.ua acs2mc.multicarta.ru acs2v.multicarta.ru acs3.sbrf.ru acs3d.fisc.com.tw acs4.3dsecure.no acs4.privatbank.ua acs4.sbrf.ru acs6.unicredit.ru acsds.eubank.kz acs-jcn.dnp-cdms.jp acsm2.centrum24.pl acspa.petafuel.net acssv.ckb.me acssv.dskbank.bg acssv.otpbank.al acssv.otpbank.hu acs-trides2.asseco-see.hr acsus1.netsgroup.com acsv2.cardstandard.ru acsweb.novabanka.com authentication-acs.marqeta.com belgium-3ds-bxl.wlp-acs.com belgium-3ds-vdm.wlp-acs.com bfcoi-3ds-bxl.wlp-acs.com bfcoi-3ds-vdm.wlp-acs.com bnpp-3ds.wlp-acs.com bnpp-3ds-bxl.wlp-acs.com bnpp-3ds-vdm.wlp-acs.com boursorama-3ds-bxl.wlp-acs.com boursorama-3ds-vdm.wlp-acs.com bps.3dsecure.itcard.pl bred-3ds-bxl.wlp-acs.com bred-3ds-vdm.wlp-acs.com cacs-v2.icard.com cbc-bxl.wlp-acs.com cdn-3ds-bxl.wlp-acs.com cdn-3ds-vdm.wlp-acs.com coapacs2c.pingan.com.cn credit-mutuel-3ds.wlp-acs.com credit-mutuel-3ds-bxl.wlp-acs.com credit-mutuel-3ds-vdm.wlp-acs.com crqsbiacs.sbi danskebank-3ds-bxl.wlp-acs.com danskebank-3ds-vdm.wlp-acs.com emv3ds.npc.by emv3ds.npc.by emv3ds-acs.nccc.com.tw emv3ds-acs.taipeifubon.com.tw emv3dsauth1.secureacs.com emv3dsweb.santander.com.br emvacs.2c2p.com emvacs.bkm.com.tr emvacs.qiwi.com eu.3ds.acssecure.com fscd3dsprod.bci.cl gbemv3dsecure.garanti.com.tr german-3ds-bxl.wlp-acs.com german-3ds-vdm.wlp-acs.com gnb.3dsecure.itcard.pl hsbc-3ds-bxl.wlp-acs.com hsbc-3ds-vdm.wlp-acs.com ipcacs.bps-sberbank.by labanquepostale-3ds-bxl.wlp-acs.com labanquepostale-3ds-vdm.wlp-acs.com luxembourg-3ds-bxl.wlp-acs.com luxembourg-3ds-vdm.wlp-acs.com lv-worldline-3ds-bxl.wlp-acs.com lv-worldline-3ds-vdm.wlp-acs.com mafrenchbank-3ds-bxl.wlp-acs.com mafrenchbank-3ds-vdm.wlp-acs.com mail.acscloud.it mastercard2.acs.cmbchina.com metlacspa-my.sharepoint.com natixispaymentsolutions-3ds-bxl.wlp-acs.com natixispaymentsolutions-3ds-vdm.wlp-acs.com op-bxl.wlp-acs.com optpf-3ds-vdm.wlp-acs.com op-vdm.wlp-acs.com pca3ds.gbp.ma postbank-3ds-bxl.wlp-acs.com postbank-3ds-vdm.wlp-acs.com primeacs.nouvobanq.com roemv3dsecure.garantibank.ro rsa3dsauth.co.uk rsa3dsauth.com secure.3ds.bonuscard.ch secure.3ds.cornercard.ch secure.3ds.cornercard.eu secure-acs2ui-b1-indblr-blrtdc.wibmo.com secure-acs2ui-b1-indmum-mumrdc.wibmo.com sg-3ds-bxl.wlp-acs.com sg-3ds-vdm.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa-bxl.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa-vdm.wlp-acs.com tas-conductor-acs2.com test3dsecure.cartasi.it testacs.cardnet-tds.com uobs3dsg2.uobgroup.com uobt3dsg2.uobgroup.com vacsverify.unionpay.com visa2.acs.cmbchina.com masterpass.com secure7.arcot.com".split(" "),
        b = /https?:\/\/([^/:]+)/.exec(google_tag_manager["GTM-MVCHKSD"].macro(78));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp("^" + a[c] + "$")).test(b[1])) return null;
    return google_tag_manager["GTM-MVCHKSD"].macro(79)
})();
#3 JavaScript::Eval (size: 324) - SHA256: fc434a0b4ae86579baf22874f2c5d2ad654441b3717f5a41bab3a6df143b30fd
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(89)) return google_tag_manager["GTM-MVCHKSD"].macro(90);
    if (google_tag_manager["GTM-MVCHKSD"].macro(93) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(96)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(99))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#4 JavaScript::Eval (size: 87) - SHA256: 7abf6006fbe4358d3359c96016ed904db849967db19b7ca63f905d7865d1a5bd
(function() {
    return "1" === google_tag_manager["GTM-MVCHKSD"].macro(195)("das_nb") ? 1 : 0
})();
#5 JavaScript::Eval (size: 177) - SHA256: 4b2f8a7795b25de72aaffbbb69707d1728afc32eb380babb5f9d0dc219d5defd
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(13);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#6 JavaScript::Eval (size: 177) - SHA256: 0aab0f7fc764bcdfde9211ed281a466cafd3ad6c106bbc12e9c7b1514fad46cc
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(37);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#7 JavaScript::Eval (size: 21510) - SHA256: b4cf40fac29028d098de6f3742ebff7301b07e709abc3aae0896532561b87bd9
(function() {
    var i1 = function(n, t, a, O, A, H) {
            if (!t.K) {
                t.h++;
                try {
                    for (O = (H = (a = 0, void 0), t.j); --n;) try {
                        if (A = void 0, t.g) H = l(t.g, t);
                        else {
                            if ((a = k(t, 179), a) >= O) break;
                            H = (A = w((S(336, t, a), t)), k(t, A))
                        }
                        Q(false, (H && H.call ? H(t, n) : C([L, 21, A], 0, t), t), n, false)
                    } catch (G) {
                        k(t, 153) ? C(G, 22, t) : S(153, t, G)
                    }
                    if (!n) {
                        if (t.gr) {
                            t.h--, i1(795457819800, t);
                            return
                        }
                        C([L, 33], 0, t)
                    }
                } catch (G) {
                    try {
                        C(G, 22, t)
                    } catch (c) {
                        F(t, c)
                    }
                }
                t.h--
            }
        },
        S = function(n, t, a) {
            if (179 == n || 336 == n) t.R[n] ? t.R[n].concat(a) : t.R[n] = tB(a, t);
            else {
                if (t.T && 107 != n) return;
                268 == n || 359 == n || 90 == n || 257 == n || 494 == n ? t.R[n] || (t.R[n] = nj(t, 70, n, a)) : t.R[n] = nj(t, 105, n, a)
            }
            107 == n && (t.Z = N(32, false, t), t.X = void 0)
        },
        aD = function(n, t) {
            if (n = (t = null, I).trustedTypes, !n || !n.createPolicy) return t;
            try {
                t = n.createPolicy("bg", {
                    createHTML: HM,
                    createScript: HM,
                    createScriptURL: HM
                })
            } catch (a) {
                I.console && I.console.error(a.message)
            }
            return t
        },
        F = function(n, t) {
            n.K = ((n.K ? n.K + "~" : "E:") + t.message + ":" + t.stack).slice(0, 2048)
        },
        GD = function(n, t, a, O, A) {
            for (O = a[A = 0, 3] | 0, a = a[2] | 0; 15 > A; A++) n = n >>> 8 | n << 24, O = O >>> 8 | O << 24, n += t | 0, n ^= a + 2278, t = t << 3 | t >>> 29, O += a | 0, t ^= n, O ^= A + 2278, a = a << 3 | a >>> 29, a ^= O;
            return [t >>> 24 & 255, t >>> 16 & 255, t >>> 8 & 255, t >>> 0 & 255, n >>> 24 & 255, n >>> 16 & 255, n >>> 8 & 255, n >>> 0 & 255]
        },
        E, jm = function(n, t, a, O) {
            z(u(k((O = (a = w(n), w)(n), n), a), t), O, n)
        },
        y = function(n, t, a) {
            a = this;
            try {
                Oc(n, this, t)
            } catch (O) {
                F(this, O), n(function(A) {
                    A(a.K)
                })
            }
        },
        cM = function(n, t) {
            return (t = P(n), t & 128) && (t = t & 127 | P(n) << 7), t
        },
        m = function(n, t, a, O, A, H) {
            if (t.u.length) {
                (t.B = !(t.B && 0(), 0), t).rr = n;
                try {
                    O = t.l(), t.P = O, t.Y = 0, t.C = O, A = Kj(n, t), H = t.l() - t.P, t.o += H, H < (a ? 0 : 10) || 0 >= t.i-- || (H = Math.floor(H), t.N.push(254 >= H ? H : 254))
                } finally {
                    t.B = false
                }
                return A
            }
        },
        Oc = function(n, t, a, O, A) {
            for (t.xP = ((t.I8 = (t.lb = t[q], AB), t.ys = l1, t).pW = kD({get: function() {
                        return this.concat()
                    }
                }, t.J), h[t.J](t.pW, {
                    value: {
                        value: {}
                    }
                })), A = 0, O = []; 128 > A; A++) O[A] = String.fromCharCode(A);
            m(true, t, (g(t, (g(t, (S(406, t, (S((S(87, t, (S(90, t, (S(121, t, (t.qr = (S(188, t, ((S(114, t, ((S(59, t, (S(370, t, (S(56, t, (S(152, (S(0, (S(239, (S(238, (t.OP = (S(359, (S(194, t, (S(234, (S(17, (S(78, (S(270, t, (S(494, t, (S(108, (S(171, (S(427, t, (S(214, t, (S(284, (S(219, (S(((S(380, t, (S(11, t, (S((S(216, t, ((S(223, (S(341, t, ((S(146, t, (S(336, (S(179, (t.L = (t.j6 = (t.A = 1, ((t.rr = false, t).O = [], A = (((t.K = void 0, t).o = 0, t).i = ((t.wr = 0, t).R = [], t.h = (t.G = (t.Y = void 0, (t.U = 0, t.T = false, t.ub = function(H) {
                this.G = H
            }, t.u = (t.C = (t.B = false, 0), []), t.D = 8001, t.N = [], t).H = (t.j = 0, null), t), t.e6 = (t.P = 0, []), t.X = void 0, 0), 25), t.g = void 0, (t.I = void 0, t).Z = void 0, (t.W = void 0, window.performance) || {}), A.timeOrigin || (A.timing || {}).navigationStart) || 0), []), t), 0), t), 0), {})), t).S6 = 0, function(H, G, c, K) {
                !Q(false, H, G, true) && (G = b1(H), c = G.fW, K = G.V, H.G == H || K == H.ub && c == H) && (S(G.Gd, H, K.apply(c, G.s)), H.C = H.l())
            })), t), function(H, G, c, K, d, b) {
                if (!Q(true, H, G, true)) {
                    if ((H = (d = (K = (c = w((K = (d = w(H), w(H)), G = w(H), H)), G = k(H, G), k(H, K)), k(H, d)), k(H, c)), "object") == oD(d)) {
                        for (b in c = [], d) c.push(b);
                        d = c
                    }
                    for (c = (b = (G = 0 < G ? G : 1, 0), d.length); b < c; b += G) K(d.slice(b, (b | 0) + (G | 0)), H)
                }
            }), S)(403, t, function(H, G, c, K) {
                S((c = k(H, (K = k((G = (K = w((c = w(H), H)), w)(H), H), K), c)), G), H, c in K | 0)
            }), function(H, G, c, K, d) {
                (d = w((G = (c = w(H), w(H)), H)), H.G == H) && (K = k(H, c), G = k(H, G), d = k(H, d), K[G] = d, 107 == c && (H.X = void 0, 2 == G && (H.Z = N(32, false, H), H.X = void 0)))
            })), 12), t, function(H) {
                Sm(H, 4)
            }), function(H, G) {
                pj((G = k(H, w(H)), H.G), G)
            })), S(257, t, []), function(H, G, c) {
                Q(false, H, G, true) || (G = w(H), c = w(H), S(c, H, function(K) {
                    return eval(K)
                }(dz(k(H.G, G)))))
            })), S)(248, t, t), 153), t, 332), t), function(H, G, c, K, d, b) {
                Q(false, H, G, true) || (K = b1(H.G), G = K.Gd, c = K.fW, d = K.V, K = K.s, b = K.length, c = 0 == b ? new c[d] : 1 == b ? new c[d](K[0]) : 2 == b ? new c[d](K[0], K[1]) : 3 == b ? new c[d](K[0], K[1], K[2]) : 4 == b ? new c[d](K[0], K[1], K[2], K[3]) : 2(), S(G, H, c))
            }), t), function(H, G, c) {
                G = (G = (c = (G = w(H), w(H)), k(H, G)), oD)(G), S(c, H, G)
            }), function(H) {
                jm(H, 1)
            })), function(H, G, c, K) {
                (c = k(H, (K = k(H, (G = (c = (K = w(H), w(H)), w(H)), K)), c)), S)(G, H, K[c])
            })), t), function(H, G, c, K, d, b, p, x, V, Z, D, U) {
                function W(Y, e) {
                    for (; d < Y;) D |= P(H) << d, d += 8;
                    return D >>= (e = D & (1 << Y) - (d -= Y, 1), Y), e
                }
                for (G = (c = (b = (K = ((d = D = (Z = w(H), 0), W)(3) | 0) + 1, W(5)), V = 0), []); c < b; c++) U = W(1), G.push(U), V += U ? 0 : 1;
                for (x = (V = ((V | 0) - 1).toString(2).length, c = 0, []); c < b; c++) G[c] || (x[c] = W(V));
                for (V = 0; V < b; V++) G[V] && (x[V] = w(H));
                for (p = []; K--;) p.push(k(H, w(H)));
                S(Z, H, function(Y, e, v, T, r) {
                    for (T = (v = (e = [], 0), []); v < b; v++) {
                        if (!(r = x[v], G[v])) {
                            for (; r >= T.length;) T.push(w(Y));
                            r = T[r]
                        }
                        e.push(r)
                    }(Y.g = tB(p.slice(), Y), Y).I = tB(e, Y)
                })
            }), t), function(H, G, c, K, d) {
                0 !== (K = k(H, (G = (c = k(H, (d = k((c = w((K = (d = (G = w(H), w(H)), w)(H), H)), H), d), c)), k(H.G, G)), K)), G) && (K = V0(K, 1, c, H, G, d), G.addEventListener(d, K, R), S(423, H, [G, d, K]))
            }), [0, 0, 0])), function() {})), t), function(H) {
                xD(4, H)
            }), t), function(H, G) {
                (G = w(H), H = k(H.G, G), H)[0].removeEventListener(H[1], H[2], R)
            }), t), function(H, G, c) {
                S((c = (G = w(H), w)(H), c), H, "" + k(H, G))
            }), I)), t), f(4)), 0), t), function(H, G, c, K) {
                S((K = (G = w((c = w(H), H)), w(H)), K), H, k(H, c) || k(H, G))
            }), t), function(H, G, c, K) {
                (G = (K = (c = w(H), P(H)), w(H)), S)(G, H, k(H, c) >>> K)
            }), t), function(H, G, c, K, d) {
                for (d = (c = cM((G = w(H), H)), []), K = 0; K < c; K++) d.push(P(H));
                S(G, H, d)
            }), t), function(H, G, c, K) {
                G = (K = k(H, (c = (K = w(H), G = w(H), w(H)), K)), k)(H, G), S(c, H, +(K == G))
            }), 0)), function(H, G, c) {
                (G = k(H, (c = 0 != k(H, (G = w((c = w(H), H)), c)), G)), c) && S(179, H, G)
            })), function(H, G, c, K, d) {
                S((d = k(H, (c = k(H, (G = (d = w((G = (c = (K = w(H), w(H)), w(H)), H)), k(H, G)), c)), d)), K), H, V0(c, d, G, H))
            })), S)(442, t, function(H, G, c, K) {
                K = (G = k(H, (K = w(H), c = w(H), c)), k)(H, K), S(c, H, G + K)
            }), function(H) {
                xD(3, H)
            })), S)(423, t, 0), function(H, G, c, K) {
                if (G = H.e6.pop()) {
                    for (K = P(H); 0 < K; K--) c = w(H), G[c] = H.R[c];
                    (G[257] = H.R[257], G[121] = H.R[121], H).R = G
                } else S(179, H, H.j)
            })), 0), 2048)), [])), function(H) {
                jm(H, 4)
            })), 268), t, [160, 0, 0]), function(H, G, c, K, d, b, p) {
                for (K = (p = (d = k(H, (G = (b = (c = w(H), cM)(H), ""), 222)), d.length), 0); b--;) K = ((K | 0) + (cM(H) | 0)) % p, G += O[d[K]];
                S(c, H, G)
            })), [wz])), g(t, [B, a]), [Cj, n])), true))
        },
        I = this || self,
        Lj = function(n, t, a, O, A) {
            for (t = (A = (n = n.replace(/\r\n/g, "\n"), []), O = 0); O < n.length; O++) a = n.charCodeAt(O), 128 > a ? A[t++] = a : (2048 > a ? A[t++] = a >> 6 | 192 : (55296 == (a & 64512) && O + 1 < n.length && 56320 == (n.charCodeAt(O + 1) & 64512) ? (a = 65536 + ((a & 1023) << 10) + (n.charCodeAt(++O) & 1023), A[t++] = a >> 18 | 240, A[t++] = a >> 12 & 63 | 128) : A[t++] = a >> 12 | 224, A[t++] = a >> 6 & 63 | 128), A[t++] = a & 63 | 128);
            return A
        },
        Q0 = function(n, t, a) {
            return n.v(function(O) {
                a = O
            }, false, t), a
        },
        xD = function(n, t, a, O, A) {
            z(((a = k(t, (a = w((A = n & 3, n &= 4, t)), O = w(t), a)), n && (a = Lj("" + a)), A) && z(u(a.length, 2), O, t), a), O, t)
        },
        Uc = function(n, t) {
            (t.push(n[0] << 24 | n[1] << 16 | n[2] << 8 | n[3]), t.push(n[4] << 24 | n[5] << 16 | n[6] << 8 | n[7]), t).push(n[8] << 24 | n[9] << 16 | n[10] << 8 | n[11])
        },
        tB = function(n, t, a) {
            return ((a = h[t.J](t.xP), a)[t.J] = function() {
                return n
            }, a).concat = function(O) {
                n = O
            }, a
        },
        pj = function(n, t) {
            S(179, n, ((n.e6.push(n.R.slice()), n).R[179] = void 0, t))
        },
        C = function(n, t, a, O, A, H) {
            if (!a.T) {
                if (3 < (n = k(((A = k(a, (H = void 0, n && n[0] === L && (t = n[1], H = n[2], n = void 0), 257)), 0) == A.length && (O = k(a, 336) >> 3, A.push(t, O >> 8 & 255, O & 255), void 0 != H && A.push(H & 255)), t = "", n && (n.message && (t += n.message), n.stack && (t += ":" + n.stack)), a), 121), n)) {
                    t = Lj((t = t.slice(0, (n | 0) - 3), n -= (t.length | 0) + 3, t)), H = a.G, a.G = a;
                    try {
                        z(u(t.length, 2).concat(t), 359, a, 9)
                    } finally {
                        a.G = H
                    }
                }
                S(121, a, n)
            }
        },
        J = I.requestIdleCallback ? function(n) {
            requestIdleCallback(function() {
                n()
            }, {
                timeout: 4
            })
        } : I.setImmediate ? function(n) {
            setImmediate(n)
        } : function(n) {
            setTimeout(n, 0)
        },
        b1 = function(n, t, a, O, A, H) {
            for (A = ((O = w((t = n[YD] || {}, n)), t).Gd = w(n), t.s = [], n.G == n) ? (P(n) | 0) - 1 : 1, a = w(n), H = 0; H < A; H++) t.s.push(w(n));
            for (t.V = k(n, O); A--;) t.s[A] = k(n, t.s[A]);
            return t.fW = k(n, a), t
        },
        z = function(n, t, a, O, A, H) {
            if (a.G == a)
                for (H = k(a, t), 359 == t ? (t = function(G, c, K, d, b) {
                        if (H.m8 != (c = ((d = H.length, d) | 0) - 4 >> 3, c)) {
                            b = [0, (K = (c << (H.m8 = c, 3)) - 4, 0), A[1], A[2]];
                            try {
                                H.Jn = GD(F6((K | 0) + 4, H), F6(K, H), b)
                            } catch (p) {
                                throw p;
                            }
                        }
                        H.push(H.Jn[d & 7] ^ G)
                    }, A = k(a, 494)) : t = function(G) {
                        H.push(G)
                    }, O && t(O & 255), a = 0, O = n.length; a < O; a++) t(n[a])
        },
        f = function(n, t) {
            for (t = []; n--;) t.push(255 * Math.random() | 0);
            return t
        },
        X, l = function(n, t) {
            return n = n.create().shift(), t.g.create().length || t.I.create().length || (t.I = void 0, t.g = void 0), n
        },
        Nt = function(n, t, a, O) {
            try {
                O = n[((t | 0) + 2) % 3], n[t] = (n[t] | 0) - (n[((t | 0) + 1) % 3] | 0) - (O | 0) ^ (1 == t ? O << a : O >>> a)
            } catch (A) {
                throw A;
            }
        },
        Dk = function(n, t, a, O) {
            function A() {}
            return {
                invoke: (a = ID(n, (O = void 0, function(H) {
                    A && (t && J(t), O = H, A(), A = void 0)
                }), !!t)[0], function(H, G, c, K) {
                    function d() {
                        O(function(b) {
                            J(function() {
                                H(b)
                            })
                        }, c)
                    }
                    if (!G) return G = a(c), H && H(G), G;
                    O ? d() : (K = A, A = function() {
                        (K(), J)(d)
                    })
                })
            }
        },
        ID = function(n, t, a, O) {
            return (O = X[n.substring(0, 3) + "_"]) ? O(n.substring(3), t, a) : Ec(n, t)
        },
        k = function(n, t) {
            if (n = n.R[t], void 0 === n) throw [L, 30, t];
            if (n.value) return n.create();
            return n.create(3 * t * t + -61 * t + -57), n.prototype
        },
        oD = function(n, t, a) {
            if ("object" == (t = typeof n, t))
                if (n) {
                    if (n instanceof Array) return "array";
                    if (n instanceof Object) return t;
                    if ("[object Window]" == (a = Object.prototype.toString.call(n), a)) return "object";
                    if ("[object Array]" == a || "number" == typeof n.length && "undefined" != typeof n.splice && "undefined" != typeof n.propertyIsEnumerable && !n.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == a || "undefined" != typeof n.call && "undefined" != typeof n.propertyIsEnumerable && !n.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == t && "undefined" == typeof n.call) return "object";
            return t
        },
        Kj = function(n, t, a, O) {
            for (; t.u.length;) {
                a = (t.H = null, t.u.pop());
                try {
                    O = zD(t, a)
                } catch (A) {
                    F(t, A)
                }
                if (n && t.H) {
                    n = t.H, n(function() {
                        m(true, t, true)
                    });
                    break
                }
            }
            return O
        },
        HM = function(n) {
            return n
        },
        P = function(n) {
            return n.g ? l(n.I, n) : N(8, true, n)
        },
        u = function(n, t, a, O) {
            for (a = (O = (t | 0) - 1, []); 0 <= O; O--) a[(t | 0) - 1 - (O | 0)] = n >> 8 * O & 255;
            return a
        },
        kD = function(n, t) {
            return h[t](h.prototype, {
                stack: n,
                floor: n,
                splice: n,
                propertyIsEnumerable: n,
                length: n,
                call: n,
                console: n,
                parent: n,
                pop: n,
                replace: n,
                document: n,
                prototype: n
            })
        },
        Q = function(n, t, a, O, A, H, G, c, K) {
            if (((t.G = ((H = (c = (n = 4 == (A = (O || t.Y++, K = n ? 255 : O ? 5 : 2, 0 < t.U && t.B && t.rr && 1 >= t.h && !t.g && !t.H && (!O || 1 < t.D - a) && 0 == document.hidden), t.Y)) || A ? t.l() : t.C, G = c - t.C, G >> 14), t).Z && (t.Z ^= H * (G << 2)), H || t.G), t).A += H, n) || A) t.C = c, t.Y = 0;
            if (!A || c - t.P < t.U - K) return false;
            return !(t.H = ((S(179, t, (A = k((t.D = a, t), O ? 336 : 179), t.j)), t.u).push([u1, A, O ? a + 1 : a]), J), 0)
        },
        F6 = function(n, t) {
            return t[n] << 24 | t[(n | 0) + 1] << 16 | t[(n | 0) + 2] << 8 | t[(n | 0) + 3]
        },
        nj = function(n, t, a, O, A, H, G, c) {
            return (c = h[n.J]((O = [-90, -(G = (H = $D, t) & 7, 61), 76, 46, 17, -76, O, 21, 12, -59], n.pW)), c[n.J] = function(K) {
                G += 6 + 7 * t, A = K, G &= 7
            }, c).concat = function(K) {
                return (K = (K = +((K = a % 16 + 1, H()) | 0) * K + 3 * a * a * K + O[G + 27 & 7] * a * K + 40 * A * A + G - -2280 * A - -2440 * a * A - K * A - 120 * a * a * A, A = void 0, O)[K], O)[(G + 69 & 7) + (t & 2)] = K, O[G + (t & 2)] = -61, K
            }, c
        },
        g = function(n, t) {
            n.u.splice(0, 0, t)
        },
        V0 = function(n, t, a, O, A, H) {
            function G() {
                if (O.G == O) {
                    if (O.R) {
                        var c = [Zk, n, a, void 0, A, H, arguments];
                        if (2 == t) var K = m(false, (g(O, c), O), false);
                        else if (1 == t) {
                            var d = !O.u.length;
                            g(O, c), d && m(false, O, false)
                        } else K = zD(O, c);
                        return K
                    }
                    A && H && A.removeEventListener(H, G, R)
                }
            }
            return G
        },
        w = function(n, t) {
            if (n.g) return l(n.I, n);
            return (t = N(8, true, n), t) & 128 && (t ^= 128, n = N(2, true, n), t = (t << 2) + (n | 0)), t
        },
        Ec = function(n, t) {
            return [(t(function(a) {
                a(n)
            }), function() {
                return n
            })]
        },
        WM = function(n, t, a) {
            if (3 == n.length) {
                for (a = 0; 3 > a; a++) t[a] += n[a];
                for (a = (n = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > n; n++) t[3](t, n % 3, a[n])
            }
        },
        R = {
            passive: true,
            capture: true
        },
        zD = function(n, t, a, O, A) {
            if ((O = t[0], O) == M) n.i = 25, n.S(t);
            else if (O == q) {
                a = t[1];
                try {
                    A = n.K || n.S(t)
                } catch (H) {
                    F(n, H), A = n.K
                }
                a(A)
            } else if (O == u1) n.S(t);
            else if (O == B) n.S(t);
            else if (O == Cj) {
                try {
                    for (A = 0; A < n.L.length; A++) try {
                        a = n.L[A], a[0][a[1]](a[2])
                    } catch (H) {}
                } catch (H) {}(0, t[1])(function(H, G) {
                    n.v(H, true, G)
                }, (n.L = [], function(H) {
                    (g(n, (H = !n.u.length, [em])), H) && m(true, n, false)
                }))
            } else {
                if (O == Zk) return A = t[2], S(507, n, t[6]), S(146, n, A), n.S(t);
                O == em ? (n.O = [], n.R = null, n.N = []) : O == wz && "loading" === I.document.readyState && (n.H = function(H, G) {
                    function c() {
                        G || (G = true, H())
                    }(G = false, I).document.addEventListener("DOMContentLoaded", c, R), I.addEventListener("load", c, R)
                })
            }
        },
        N = function(n, t, a, O, A, H, G, c, K, d, b, p, x, V) {
            if ((b = k(a, 179), b) >= a.j) throw [L, 31];
            for (x = (K = (V = b, d = 0, a.lb).length, n); 0 < x;) A = V >> 3, c = V % 8, H = 8 - (c | 0), O = a.O[A], H = H < x ? H : x, t && (p = a, p.X != V >> 6 && (p.X = V >> 6, G = k(p, 107), p.W = GD(p.X, p.Z, [0, 0, G[1], G[2]])), O ^= a.W[A & K]), d |= (O >> 8 - (c | 0) - (H | 0) & (1 << H) - 1) << (x | 0) - (H | 0), x -= H, V += H;
            return S(179, a, (t = d, (b | 0) + (n | 0))), t
        },
        y0 = function(n, t, a, O) {
            return k(a, (S(179, a, (i1(t, ((O = k(a, 179), a).O && O < a.j ? (S(179, a, a.j), pj(a, n)) : S(179, a, n), a)), O)), 146))
        },
        Sm = function(n, t, a, O) {
            for (O = w(n), a = 0; 0 < t; t--) a = a << 8 | P(n);
            S(O, n, a)
        },
        YD = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        q = [],
        em = [],
        B = [],
        u1 = (y.prototype.EP = (y.prototype.gr = false, void 0), []),
        Cj = [],
        L = {},
        wz = [],
        M = (y.prototype.Pd = void 0, []),
        Zk = (y.prototype.F = "toString", []),
        h = (Uc, f, Nt, WM, L).constructor,
        $D = (E = (y.prototype.J = "create", y.prototype), E.v = function(n, t, a, O, A) {
            if ((a = "array" === oD(a) ? a : [a], this).K) n(this.K);
            else try {
                O = !this.u.length, A = [], g(this, [M, A, a]), g(this, [q, n, A]), t && !O || m(t, this, true)
            } catch (H) {
                F(this, H), n(this.K)
            }
        }, E.l = (window.performance || {}).now ? function() {
            return this.j6 + window.performance.now()
        } : function() {
            return +new Date
        }, E.sP = function() {
            return Math.floor(this.l())
        }, void 0),
        AB = (((y.prototype.S = (E.Xh = function(n, t, a) {
            return n ^ ((t ^= t << 13, t ^= t >> 17, t = (t ^ t << 5) & a) || (t = 1), t)
        }, E.nW = function(n, t, a, O, A, H) {
            for (O = H = 0, a = []; H < n.length; H++)
                for (O += t, A = A << t | n[H]; 7 < O;) O -= 8, a.push(A >> O & 255);
            return a
        }, E.a8 = function(n, t, a, O, A) {
            for (A = O = 0; O < n.length; O++) A += n.charCodeAt(O), A += A << 10, A ^= A >> 6;
            return O = new Number((n = (A += A << 3, A ^= A >> 11, A) + (A << 15) >>> 0, n & (1 << t) - 1)), O[0] = (n >>> t) % a, O
        }, E.bb = function() {
            return Math.floor(this.o + (this.l() - this.P))
        }, function(n, t) {
            return $D = (n = {}, t = {}, function() {
                    return t == n ? -57 : -37
                }),
                function(a, O, A, H, G, c, K, d, b, p, x, V, Z, D, U) {
                    D = t, t = n;
                    try {
                        if (U = a[0], U == B) {
                            O = a[1];
                            try {
                                for (K = p = (V = (x = atob(O), []), 0); p < x.length; p++) G = x.charCodeAt(p), 255 < G && (V[K++] = G & 255, G >>= 8), V[K++] = G;
                                S((this.j = (this.O = V, this).O.length << 3, 107), this, [0, 0, 0])
                            } catch (W) {
                                C(W, 17, this);
                                return
                            }
                            i1(8001, this)
                        } else if (U == M) a[1].push(k(this, 268).length, k(this, 90).length, k(this, 121), k(this, 359).length), S(146, this, a[2]), this.R[476] && y0(k(this, 476), 8001, this);
                        else {
                            if (U == q) {
                                this.G = (d = (Z = u(((V = a[2], k(this, 268)).length | 0) + 2, 2), this).G, this);
                                try {
                                    H = k(this, 257), 0 < H.length && z(u(H.length, 2).concat(H), 268, this, 10), z(u(this.A, 1), 268, this, 109), z(u(this[q].length, 1), 268, this), x = 0, x -= (k(this, 268).length | 0) + 5, x += k(this, 56) & 2047, c = k(this, 359), 4 < c.length && (x -= (c.length | 0) + 3), 0 < x && z(u(x, 2).concat(f(x)), 268, this, 15), 4 < c.length && z(u(c.length, 2).concat(c), 268, this, 156)
                                } finally {
                                    this.G = d
                                }
                                if (A = ((((K = f(2).concat(k(this, 268)), K)[1] = K[0] ^ 6, K)[3] = K[1] ^ Z[0], K)[4] = K[1] ^ Z[1], this).KW(K)) A = "!" + A;
                                else
                                    for (A = "", x = 0; x < K.length; x++) b = K[x][this.F](16), 1 == b.length && (b = "0" + b), A += b;
                                return k(this, (k(this, (k((p = A, this), 268).length = V.shift(), 90)).length = V.shift(), S(121, this, V.shift()), 359)).length = V.shift(), p
                            }
                            if (U == u1) y0(a[1], a[2], this);
                            else if (U == Zk) return y0(a[1], 8001, this)
                        }
                    } finally {
                        t = D
                    }
                }
        }()), y).prototype.ZE = 0, y).prototype.hn = 0, /./),
        l1, PM = B.pop.bind((y.prototype.KW = (y.prototype[Cj] = [0, 0, 1, 1, 0, 1, 1], function(n, t, a, O) {
            if (a = window.btoa) {
                for (O = (t = 0, ""); t < n.length; t += 8192) O += String.fromCharCode.apply(null, n.slice(t, t + 8192));
                n = a(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else n = void 0;
            return n
        }), y.prototype[M])),
        dz = ((l1 = (AB[y.prototype.F] = PM, kD)({get: PM
        }, y.prototype.J), y).prototype.Hd = void 0, function(n, t) {
            return (t = aD()) && 1 === n.eval(t.createScript("1")) ? function(a) {
                return t.createScript(a)
            } : function(a) {
                return "" + a
            }
        }(I));
    40 < (X = I.botguard || (I.botguard = {}), X.m) || (X.m = 41, X.bg = Dk, X.a = ID), X.jBG_ = function(n, t, a) {
        return a = new y(t, n), [function(O) {
            return Q0(a, O)
        }]
    };
}).call(this);
#8 JavaScript::Eval (size: 112) - SHA256: 904f398afaf371a1ac85a3dd044d56d0022bdf65e05ea2a23404125297753dd6
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(40)(google_tag_manager["GTM-MVCHKSD"].macro(41))
})();
#9 JavaScript::Eval (size: 112) - SHA256: 2ec0930f308fdc8b95ece518e0ac618d5b4efb778a8edab3ce2a62b640bfd764
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(94)(google_tag_manager["GTM-MVCHKSD"].macro(95))
})();
#10 JavaScript::Eval (size: 114) - SHA256: 0bc946b04a722e102b23b2bdaf48a6b43e6f8bfcbb9b3049af73a10cebcbcd3e
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(103)(google_tag_manager["GTM-MVCHKSD"].macro(104))
})();
#11 JavaScript::Eval (size: 81) - SHA256: 75459f9fba05a04490e51dc6b594f5cf915e8855f11f13f4739582af3d26a3d6
(function() {
    return void 0 === google_tag_manager["GTM-MVCHKSD"].macro(166) ? 0 : 1
})();
#12 JavaScript::Eval (size: 329) - SHA256: 79fb35bc585609418656950d06c802bf9d96cd1f0c88a19fb9e32d888304e13e
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(175)) return google_tag_manager["GTM-MVCHKSD"].macro(176);
    if (google_tag_manager["GTM-MVCHKSD"].macro(179) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(182)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(185))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#13 JavaScript::Eval (size: 324) - SHA256: 809e59a995e56044a7b1a15fd07310653f745e0f6e22ad0617cf190b967a2bc2
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(38)) return google_tag_manager["GTM-MVCHKSD"].macro(39);
    if (google_tag_manager["GTM-MVCHKSD"].macro(42) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(45)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(48))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#14 JavaScript::Eval (size: 80) - SHA256: 64aaafe446571c9302bebf86acde9841f4c738e919b46c18775db1f140e8665e
(function() {
    return void 0 === google_tag_manager["GTM-MVCHKSD"].macro(50) ? 0 : 1
})();
#15 JavaScript::Eval (size: 162) - SHA256: d468c2330dcdaf27e981735fa76738c37b89ab22a6665c04511cb3a91a059cfb
(function() {
    var a = window.location.search.toLowerCase();
    a = a.replace(/=/g, '":"').replace(/&/g, '","').replace("?", "");
    a = '{"' + a + '"}';
    return JSON.parse(a).sfmc_id
})();
#16 JavaScript::Eval (size: 329) - SHA256: 3da6dbc8e8f44077042ceceb2f3d1e520338883e48f24086fbe24aed1b2bc822
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(101)) return google_tag_manager["GTM-MVCHKSD"].macro(102);
    if (google_tag_manager["GTM-MVCHKSD"].macro(105) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(108)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(111))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#17 JavaScript::Eval (size: 178) - SHA256: 580e8830333f30cb3bc61e15ecb9b6d194433313f05b48c9bcc14457c9f1fede
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(125);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#18 JavaScript::Eval (size: 89) - SHA256: 82a469cf9a0bd4feeddf6f16f3b24a080129a422076e498736804d9b2995e71a
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(150);
    return a.criteo ? !0 : !1
})();
#19 JavaScript::Eval (size: 110) - SHA256: 3921a1168bf53af939904a68ddbb946a0f7bb78c9dae882861a777f73c14f8ef
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(7)(google_tag_manager["GTM-MVCHKSD"].macro(8))
})();
#20 JavaScript::Eval (size: 324) - SHA256: 7c946f01aa847ef1c29c628062801c5eaf0552c5c6a91865da5598084693bcf8
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(26)) return google_tag_manager["GTM-MVCHKSD"].macro(27);
    if (google_tag_manager["GTM-MVCHKSD"].macro(30) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(33)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(36))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#21 JavaScript::Eval (size: 112) - SHA256: bfa547150e53f1dd64ea822477b08187247db4a9ae5d70b0dbf5a5437eee0270
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(46)(google_tag_manager["GTM-MVCHKSD"].macro(47))
})();
#22 JavaScript::Eval (size: 86) - SHA256: 2e6525b26d875d598cb7d1680aa812754878da2391617c42f7b73cadb6d038f7
(function() {
    return "1" === google_tag_manager["GTM-MVCHKSD"].macro(86)("das_nb") ? 1 : 0
})();
#23 JavaScript::Eval (size: 114) - SHA256: bd8b4e1e9b07e21af5f7aa8fe6a46fbdaacdb661d2192eada2ac522249dccd82
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(119)(google_tag_manager["GTM-MVCHKSD"].macro(120))
})();
#24 JavaScript::Eval (size: 15551) - SHA256: 18f575f0bb2a785eb17d67542b72fcf79681a1a0faa8d90195f248d95b1bed3f
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var a = function(t) {
            return t
        },
        G = this || self,
        O = function(t, n) {
            if (!(t = (n = null, G.trustedTypes), t) || !t.createPolicy) return n;
            try {
                n = t.createPolicy("bg", {
                    createHTML: a,
                    createScript: a,
                    createScriptURL: a
                })
            } catch (H) {
                G.console && G.console.error(H.message)
            }
            return n
        };
    (0, eval)(function(t, n) {
        return (n = O()) && 1 === t.eval(n.createScript("1")) ? function(H) {
            return n.createScript(H)
        } : function(H) {
            return "" + H
        }
    }(G)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var i1=function(n,t,a,O,A,H){if(!t.K){t.h++;try{for(O=(H=(a=0,void 0),t.j);--n;)try{if(A=void 0,t.g)H=l(t.g,t);else{if((a=k(t,179),a)>=O)break;H=(A=w((S(336,t,a),t)),k(t,A))}Q(false,(H&&H.call?H(t,n):C([L,21,A],0,t),t),n,false)}catch(G){k(t,153)?C(G,22,t):S(153,t,G)}if(!n){if(t.gr){t.h--,i1(795457819800,t);return}C([L,33],0,t)}}catch(G){try{C(G,22,t)}catch(c){F(t,c)}}t.h--}},S=function(n,t,a){if(179==n||336==n)t.R[n]?t.R[n].concat(a):t.R[n]=tB(a,t);else{if(t.T&&107!=n)return;268==n||359==n||90==n||257==n||494==n?t.R[n]||(t.R[n]=nj(t,70,n,a)):t.R[n]=nj(t,105,n,a)}107==n&&(t.Z=N(32,false,t),t.X=void 0)},aD=function(n,t){if(n=(t=null,I).trustedTypes,!n||!n.createPolicy)return t;try{t=n.createPolicy("bg",{createHTML:HM,createScript:HM,createScriptURL:HM})}catch(a){I.console&&I.console.error(a.message)}return t},F=function(n,t){n.K=((n.K?n.K+"~":"E:")+t.message+":"+t.stack).slice(0,2048)},GD=function(n,t,a,O,A){for(O=a[A=0,3]|0,a=a[2]|0;15>A;A++)n=n>>>8|n<<24,O=O>>>8|O<<24,n+=t|0,n^=a+2278,t=t<<3|t>>>29,O+=a|0,t^=n,O^=A+2278,a=a<<3|a>>>29,a^=O;return[t>>>24&255,t>>>16&255,t>>>8&255,t>>>0&255,n>>>24&255,n>>>16&255,n>>>8&255,n>>>0&255]},E,jm=function(n,t,a,O){z(u(k((O=(a=w(n),w)(n),n),a),t),O,n)},y=function(n,t,a){a=this;try{Oc(n,this,t)}catch(O){F(this,O),n(function(A){A(a.K)})}},cM=function(n,t){return(t=P(n),t&128)&&(t=t&127|P(n)<<7),t},m=function(n,t,a,O,A,H){if(t.u.length){(t.B=!(t.B&&0(),0),t).rr=n;try{O=t.l(),t.P=O,t.Y=0,t.C=O,A=Kj(n,t),H=t.l()-t.P,t.o+=H,H<(a?0:10)||0>=t.i--||(H=Math.floor(H),t.N.push(254>=H?H:254))}finally{t.B=false}return A}},Oc=function(n,t,a,O,A){for(t.xP=((t.I8=(t.lb=t[q],AB),t.ys=l1,t).pW=kD({get:function(){return this.concat()}},t.J),h[t.J](t.pW,{value:{value:{}}})),A=0,O=[];128>A;A++)O[A]=String.fromCharCode(A);m(true,t,(g(t,(g(t,(S(406,t,(S((S(87,t,(S(90,t,(S(121,t,(t.qr=(S(188,t,((S(114,t,((S(59,t,(S(370,t,(S(56,t,(S(152,(S(0,(S(239,(S(238,(t.OP=(S(359,(S(194,t,(S(234,(S(17,(S(78,(S(270,t,(S(494,t,(S(108,(S(171,(S(427,t,(S(214,t,(S(284,(S(219,(S(((S(380,t,(S(11,t,(S((S(216,t,((S(223,(S(341,t,((S(146,t,(S(336,(S(179,(t.L=(t.j6=(t.A=1,((t.rr=false,t).O=[],A=(((t.K=void 0,t).o=0,t).i=((t.wr=0,t).R=[],t.h=(t.G=(t.Y=void 0,(t.U=0,t.T=false,t.ub=function(H){this.G=H},t.u=(t.C=(t.B=false,0),[]),t.D=8001,t.N=[],t).H=(t.j=0,null),t),t.e6=(t.P=0,[]),t.X=void 0,0),25),t.g=void 0,(t.I=void 0,t).Z=void 0,(t.W=void 0,window.performance)||{}),A.timeOrigin||(A.timing||{}).navigationStart)||0),[]),t),0),t),0),{})),t).S6=0,function(H,G,c,K){!Q(false,H,G,true)&&(G=b1(H),c=G.fW,K=G.V,H.G==H||K==H.ub&&c==H)&&(S(G.Gd,H,K.apply(c,G.s)),H.C=H.l())})),t),function(H,G,c,K,d,b){if(!Q(true,H,G,true)){if((H=(d=(K=(c=w((K=(d=w(H),w(H)),G=w(H),H)),G=k(H,G),k(H,K)),k(H,d)),k(H,c)),"object")==oD(d)){for(b in c=[],d)c.push(b);d=c}for(c=(b=(G=0<G?G:1,0),d.length);b<c;b+=G)K(d.slice(b,(b|0)+(G|0)),H)}}),S)(403,t,function(H,G,c,K){S((c=k(H,(K=k((G=(K=w((c=w(H),H)),w)(H),H),K),c)),G),H,c in K|0)}),function(H,G,c,K,d){(d=w((G=(c=w(H),w(H)),H)),H.G==H)&&(K=k(H,c),G=k(H,G),d=k(H,d),K[G]=d,107==c&&(H.X=void 0,2==G&&(H.Z=N(32,false,H),H.X=void 0)))})),12),t,function(H){Sm(H,4)}),function(H,G){pj((G=k(H,w(H)),H.G),G)})),S(257,t,[]),function(H,G,c){Q(false,H,G,true)||(G=w(H),c=w(H),S(c,H,function(K){return eval(K)}(dz(k(H.G,G)))))})),S)(248,t,t),153),t,332),t),function(H,G,c,K,d,b){Q(false,H,G,true)||(K=b1(H.G),G=K.Gd,c=K.fW,d=K.V,K=K.s,b=K.length,c=0==b?new c[d]:1==b?new c[d](K[0]):2==b?new c[d](K[0],K[1]):3==b?new c[d](K[0],K[1],K[2]):4==b?new c[d](K[0],K[1],K[2],K[3]):2(),S(G,H,c))}),t),function(H,G,c){G=(G=(c=(G=w(H),w(H)),k(H,G)),oD)(G),S(c,H,G)}),function(H){jm(H,1)})),function(H,G,c,K){(c=k(H,(K=k(H,(G=(c=(K=w(H),w(H)),w(H)),K)),c)),S)(G,H,K[c])})),t),function(H,G,c,K,d,b,p,x,V,Z,D,U){function W(Y,e){for(;d<Y;)D|=P(H)<<d,d+=8;return D>>=(e=D&(1<<Y)-(d-=Y,1),Y),e}for(G=(c=(b=(K=((d=D=(Z=w(H),0),W)(3)|0)+1,W(5)),V=0),[]);c<b;c++)U=W(1),G.push(U),V+=U?0:1;for(x=(V=((V|0)-1).toString(2).length,c=0,[]);c<b;c++)G[c]||(x[c]=W(V));for(V=0;V<b;V++)G[V]&&(x[V]=w(H));for(p=[];K--;)p.push(k(H,w(H)));S(Z,H,function(Y,e,v,T,r){for(T=(v=(e=[],0),[]);v<b;v++){if(!(r=x[v],G[v])){for(;r>=T.length;)T.push(w(Y));r=T[r]}e.push(r)}(Y.g=tB(p.slice(),Y),Y).I=tB(e,Y)})}),t),function(H,G,c,K,d){0!==(K=k(H,(G=(c=k(H,(d=k((c=w((K=(d=(G=w(H),w(H)),w)(H),H)),H),d),c)),k(H.G,G)),K)),G)&&(K=V0(K,1,c,H,G,d),G.addEventListener(d,K,R),S(423,H,[G,d,K]))}),[0,0,0])),function(){})),t),function(H){xD(4,H)}),t),function(H,G){(G=w(H),H=k(H.G,G),H)[0].removeEventListener(H[1],H[2],R)}),t),function(H,G,c){S((c=(G=w(H),w)(H),c),H,""+k(H,G))}),I)),t),f(4)),0),t),function(H,G,c,K){S((K=(G=w((c=w(H),H)),w(H)),K),H,k(H,c)||k(H,G))}),t),function(H,G,c,K){(G=(K=(c=w(H),P(H)),w(H)),S)(G,H,k(H,c)>>>K)}),t),function(H,G,c,K,d){for(d=(c=cM((G=w(H),H)),[]),K=0;K<c;K++)d.push(P(H));S(G,H,d)}),t),function(H,G,c,K){G=(K=k(H,(c=(K=w(H),G=w(H),w(H)),K)),k)(H,G),S(c,H,+(K==G))}),0)),function(H,G,c){(G=k(H,(c=0!=k(H,(G=w((c=w(H),H)),c)),G)),c)&&S(179,H,G)})),function(H,G,c,K,d){S((d=k(H,(c=k(H,(G=(d=w((G=(c=(K=w(H),w(H)),w(H)),H)),k(H,G)),c)),d)),K),H,V0(c,d,G,H))})),S)(442,t,function(H,G,c,K){K=(G=k(H,(K=w(H),c=w(H),c)),k)(H,K),S(c,H,G+K)}),function(H){xD(3,H)})),S)(423,t,0),function(H,G,c,K){if(G=H.e6.pop()){for(K=P(H);0<K;K--)c=w(H),G[c]=H.R[c];(G[257]=H.R[257],G[121]=H.R[121],H).R=G}else S(179,H,H.j)})),0),2048)),[])),function(H){jm(H,4)})),268),t,[160,0,0]),function(H,G,c,K,d,b,p){for(K=(p=(d=k(H,(G=(b=(c=w(H),cM)(H),""),222)),d.length),0);b--;)K=((K|0)+(cM(H)|0))%p,G+=O[d[K]];S(c,H,G)})),[wz])),g(t,[B,a]),[Cj,n])),true))},I=this||self,Lj=function(n,t,a,O,A){for(t=(A=(n=n.replace(/\\r\\n/g,"\\n"),[]),O=0);O<n.length;O++)a=n.charCodeAt(O),128>a?A[t++]=a:(2048>a?A[t++]=a>>6|192:(55296==(a&64512)&&O+1<n.length&&56320==(n.charCodeAt(O+1)&64512)?(a=65536+((a&1023)<<10)+(n.charCodeAt(++O)&1023),A[t++]=a>>18|240,A[t++]=a>>12&63|128):A[t++]=a>>12|224,A[t++]=a>>6&63|128),A[t++]=a&63|128);return A},Q0=function(n,t,a){return n.v(function(O){a=O},false,t),a},xD=function(n,t,a,O,A){z(((a=k(t,(a=w((A=n&3,n&=4,t)),O=w(t),a)),n&&(a=Lj(""+a)),A)&&z(u(a.length,2),O,t),a),O,t)},Uc=function(n,t){(t.push(n[0]<<24|n[1]<<16|n[2]<<8|n[3]),t.push(n[4]<<24|n[5]<<16|n[6]<<8|n[7]),t).push(n[8]<<24|n[9]<<16|n[10]<<8|n[11])},tB=function(n,t,a){return((a=h[t.J](t.xP),a)[t.J]=function(){return n},a).concat=function(O){n=O},a},pj=function(n,t){S(179,n,((n.e6.push(n.R.slice()),n).R[179]=void 0,t))},C=function(n,t,a,O,A,H){if(!a.T){if(3<(n=k(((A=k(a,(H=void 0,n&&n[0]===L&&(t=n[1],H=n[2],n=void 0),257)),0)==A.length&&(O=k(a,336)>>3,A.push(t,O>>8&255,O&255),void 0!=H&&A.push(H&255)),t="",n&&(n.message&&(t+=n.message),n.stack&&(t+=":"+n.stack)),a),121),n)){t=Lj((t=t.slice(0,(n|0)-3),n-=(t.length|0)+3,t)),H=a.G,a.G=a;try{z(u(t.length,2).concat(t),359,a,9)}finally{a.G=H}}S(121,a,n)}},J=I.requestIdleCallback?function(n){requestIdleCallback(function(){n()},{timeout:4})}:I.setImmediate?function(n){setImmediate(n)}:function(n){setTimeout(n,0)},b1=function(n,t,a,O,A,H){for(A=((O=w((t=n[YD]||{},n)),t).Gd=w(n),t.s=[],n.G==n)?(P(n)|0)-1:1,a=w(n),H=0;H<A;H++)t.s.push(w(n));for(t.V=k(n,O);A--;)t.s[A]=k(n,t.s[A]);return t.fW=k(n,a),t},z=function(n,t,a,O,A,H){if(a.G==a)for(H=k(a,t),359==t?(t=function(G,c,K,d,b){if(H.m8!=(c=((d=H.length,d)|0)-4>>3,c)){b=[0,(K=(c<<(H.m8=c,3))-4,0),A[1],A[2]];try{H.Jn=GD(F6((K|0)+4,H),F6(K,H),b)}catch(p){throw p;}}H.push(H.Jn[d&7]^G)},A=k(a,494)):t=function(G){H.push(G)},O&&t(O&255),a=0,O=n.length;a<O;a++)t(n[a])},f=function(n,t){for(t=[];n--;)t.push(255*Math.random()|0);return t},X,l=function(n,t){return n=n.create().shift(),t.g.create().length||t.I.create().length||(t.I=void 0,t.g=void 0),n},Nt=function(n,t,a,O){try{O=n[((t|0)+2)%3],n[t]=(n[t]|0)-(n[((t|0)+1)%3]|0)-(O|0)^(1==t?O<<a:O>>>a)}catch(A){throw A;}},Dk=function(n,t,a,O){function A(){}return{invoke:(a=ID(n,(O=void 0,function(H){A&&(t&&J(t),O=H,A(),A=void 0)}),!!t)[0],function(H,G,c,K){function d(){O(function(b){J(function(){H(b)})},c)}if(!G)return G=a(c),H&&H(G),G;O?d():(K=A,A=function(){(K(),J)(d)})})}},ID=function(n,t,a,O){return(O=X[n.substring(0,3)+"_"])?O(n.substring(3),t,a):Ec(n,t)},k=function(n,t){if(n=n.R[t],void 0===n)throw[L,30,t];if(n.value)return n.create();return n.create(3*t*t+-61*t+-57),n.prototype},oD=function(n,t,a){if("object"==(t=typeof n,t))if(n){if(n instanceof Array)return"array";if(n instanceof Object)return t;if("[object Window]"==(a=Object.prototype.toString.call(n),a))return"object";if("[object Array]"==a||"number"==typeof n.length&&"undefined"!=typeof n.splice&&"undefined"!=typeof n.propertyIsEnumerable&&!n.propertyIsEnumerable("splice"))return"array";if("[object Function]"==a||"undefined"!=typeof n.call&&"undefined"!=typeof n.propertyIsEnumerable&&!n.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==t&&"undefined"==typeof n.call)return"object";return t},Kj=function(n,t,a,O){for(;t.u.length;){a=(t.H=null,t.u.pop());try{O=zD(t,a)}catch(A){F(t,A)}if(n&&t.H){n=t.H,n(function(){m(true,t,true)});break}}return O},HM=function(n){return n},P=function(n){return n.g?l(n.I,n):N(8,true,n)},u=function(n,t,a,O){for(a=(O=(t|0)-1,[]);0<=O;O--)a[(t|0)-1-(O|0)]=n>>8*O&255;return a},kD=function(n,t){return h[t](h.prototype,{stack:n,floor:n,splice:n,propertyIsEnumerable:n,length:n,call:n,console:n,parent:n,pop:n,replace:n,document:n,prototype:n})},Q=function(n,t,a,O,A,H,G,c,K){if(((t.G=((H=(c=(n=4==(A=(O||t.Y++,K=n?255:O?5:2,0<t.U&&t.B&&t.rr&&1>=t.h&&!t.g&&!t.H&&(!O||1<t.D-a)&&0==document.hidden),t.Y))||A?t.l():t.C,G=c-t.C,G>>14),t).Z&&(t.Z^=H*(G<<2)),H||t.G),t).A+=H,n)||A)t.C=c,t.Y=0;if(!A||c-t.P<t.U-K)return false;return!(t.H=((S(179,t,(A=k((t.D=a,t),O?336:179),t.j)),t.u).push([u1,A,O?a+1:a]),J),0)},F6=function(n,t){return t[n]<<24|t[(n|0)+1]<<16|t[(n|0)+2]<<8|t[(n|0)+3]},nj=function(n,t,a,O,A,H,G,c){return(c=h[n.J]((O=[-90,-(G=(H=$D,t)&7,61),76,46,17,-76,O,21,12,-59],n.pW)),c[n.J]=function(K){G+=6+7*t,A=K,G&=7},c).concat=function(K){return(K=(K=+((K=a%16+1,H())|0)*K+3*a*a*K+O[G+27&7]*a*K+40*A*A+G- -2280*A- -2440*a*A-K*A-120*a*a*A,A=void 0,O)[K],O)[(G+69&7)+(t&2)]=K,O[G+(t&2)]=-61,K},c},g=function(n,t){n.u.splice(0,0,t)},V0=function(n,t,a,O,A,H){function G(){if(O.G==O){if(O.R){var c=[Zk,n,a,void 0,A,H,arguments];if(2==t)var K=m(false,(g(O,c),O),false);else if(1==t){var d=!O.u.length;g(O,c),d&&m(false,O,false)}else K=zD(O,c);return K}A&&H&&A.removeEventListener(H,G,R)}}return G},w=function(n,t){if(n.g)return l(n.I,n);return(t=N(8,true,n),t)&128&&(t^=128,n=N(2,true,n),t=(t<<2)+(n|0)),t},Ec=function(n,t){return[(t(function(a){a(n)}),function(){return n})]},WM=function(n,t,a){if(3==n.length){for(a=0;3>a;a++)t[a]+=n[a];for(a=(n=0,[13,8,13,12,16,5,3,10,15]);9>n;n++)t[3](t,n%3,a[n])}},R={passive:true,capture:true},zD=function(n,t,a,O,A){if((O=t[0],O)==M)n.i=25,n.S(t);else if(O==q){a=t[1];try{A=n.K||n.S(t)}catch(H){F(n,H),A=n.K}a(A)}else if(O==u1)n.S(t);else if(O==B)n.S(t);else if(O==Cj){try{for(A=0;A<n.L.length;A++)try{a=n.L[A],a[0][a[1]](a[2])}catch(H){}}catch(H){}(0,t[1])(function(H,G){n.v(H,true,G)},(n.L=[],function(H){(g(n,(H=!n.u.length,[em])),H)&&m(true,n,false)}))}else{if(O==Zk)return A=t[2],S(507,n,t[6]),S(146,n,A),n.S(t);O==em?(n.O=[],n.R=null,n.N=[]):O==wz&&"loading"===I.document.readyState&&(n.H=function(H,G){function c(){G||(G=true,H())}(G=false,I).document.addEventListener("DOMContentLoaded",c,R),I.addEventListener("load",c,R)})}},N=function(n,t,a,O,A,H,G,c,K,d,b,p,x,V){if((b=k(a,179),b)>=a.j)throw[L,31];for(x=(K=(V=b,d=0,a.lb).length,n);0<x;)A=V>>3,c=V%8,H=8-(c|0),O=a.O[A],H=H<x?H:x,t&&(p=a,p.X!=V>>6&&(p.X=V>>6,G=k(p,107),p.W=GD(p.X,p.Z,[0,0,G[1],G[2]])),O^=a.W[A&K]),d|=(O>>8-(c|0)-(H|0)&(1<<H)-1)<<(x|0)-(H|0),x-=H,V+=H;return S(179,a,(t=d,(b|0)+(n|0))),t},y0=function(n,t,a,O){return k(a,(S(179,a,(i1(t,((O=k(a,179),a).O&&O<a.j?(S(179,a,a.j),pj(a,n)):S(179,a,n),a)),O)),146))},Sm=function(n,t,a,O){for(O=w(n),a=0;0<t;t--)a=a<<8|P(n);S(O,n,a)},YD=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),q=[],em=[],B=[],u1=(y.prototype.EP=(y.prototype.gr=false,void 0),[]),Cj=[],L={},wz=[],M=(y.prototype.Pd=void 0,[]),Zk=(y.prototype.F="toString",[]),h=(Uc,f,Nt,WM,L).constructor,$D=(E=(y.prototype.J="create",y.prototype),E.v=function(n,t,a,O,A){if((a="array"===oD(a)?a:[a],this).K)n(this.K);else try{O=!this.u.length,A=[],g(this,[M,A,a]),g(this,[q,n,A]),t&&!O||m(t,this,true)}catch(H){F(this,H),n(this.K)}},E.l=(window.performance||{}).now?function(){return this.j6+window.performance.now()}:function(){return+new Date},E.sP=function(){return Math.floor(this.l())},void 0),AB=(((y.prototype.S=(E.Xh=function(n,t,a){return n^((t^=t<<13,t^=t>>17,t=(t^t<<5)&a)||(t=1),t)},E.nW=function(n,t,a,O,A,H){for(O=H=0,a=[];H<n.length;H++)for(O+=t,A=A<<t|n[H];7<O;)O-=8,a.push(A>>O&255);return a},E.a8=function(n,t,a,O,A){for(A=O=0;O<n.length;O++)A+=n.charCodeAt(O),A+=A<<10,A^=A>>6;return O=new Number((n=(A+=A<<3,A^=A>>11,A)+(A<<15)>>>0,n&(1<<t)-1)),O[0]=(n>>>t)%a,O},E.bb=function(){return Math.floor(this.o+(this.l()-this.P))},function(n,t){return $D=(n={},t={},function(){return t==n?-57:-37}),function(a,O,A,H,G,c,K,d,b,p,x,V,Z,D,U){D=t,t=n;try{if(U=a[0],U==B){O=a[1];try{for(K=p=(V=(x=atob(O),[]),0);p<x.length;p++)G=x.charCodeAt(p),255<G&&(V[K++]=G&255,G>>=8),V[K++]=G;S((this.j=(this.O=V,this).O.length<<3,107),this,[0,0,0])}catch(W){C(W,17,this);return}i1(8001,this)}else if(U==M)a[1].push(k(this,268).length,k(this,90).length,k(this,121),k(this,359).length),S(146,this,a[2]),this.R[476]&&y0(k(this,476),8001,this);else{if(U==q){this.G=(d=(Z=u(((V=a[2],k(this,268)).length|0)+2,2),this).G,this);try{H=k(this,257),0<H.length&&z(u(H.length,2).concat(H),268,this,10),z(u(this.A,1),268,this,109),z(u(this[q].length,1),268,this),x=0,x-=(k(this,268).length|0)+5,x+=k(this,56)&2047,c=k(this,359),4<c.length&&(x-=(c.length|0)+3),0<x&&z(u(x,2).concat(f(x)),268,this,15),4<c.length&&z(u(c.length,2).concat(c),268,this,156)}finally{this.G=d}if(A=((((K=f(2).concat(k(this,268)),K)[1]=K[0]^6,K)[3]=K[1]^Z[0],K)[4]=K[1]^Z[1],this).KW(K))A="!"+A;else for(A="",x=0;x<K.length;x++)b=K[x][this.F](16),1==b.length&&(b="0"+b),A+=b;return k(this,(k(this,(k((p=A,this),268).length=V.shift(),90)).length=V.shift(),S(121,this,V.shift()),359)).length=V.shift(),p}if(U==u1)y0(a[1],a[2],this);else if(U==Zk)return y0(a[1],8001,this)}}finally{t=D}}}()),y).prototype.ZE=0,y).prototype.hn=0,/./),l1,PM=B.pop.bind((y.prototype.KW=(y.prototype[Cj]=[0,0,1,1,0,1,1],function(n,t,a,O){if(a=window.btoa){for(O=(t=0,"");t<n.length;t+=8192)O+=String.fromCharCode.apply(null,n.slice(t,t+8192));n=a(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else n=void 0;return n}),y.prototype[M])),dz=((l1=(AB[y.prototype.F]=PM,kD)({get:PM},y.prototype.J),y).prototype.Hd=void 0,function(n,t){return(t=aD())&&1===n.eval(t.createScript("1"))?function(a){return t.createScript(a)}:function(a){return""+a}}(I));40<(X=I.botguard||(I.botguard={}),X.m)||(X.m=41,X.bg=Dk,X.a=ID),X.jBG_=function(n,t,a){return a=new y(t,n),[function(O){return Q0(a,O)}]};}).call(this);'));
}).call(this);
#25 JavaScript::Eval (size: 114) - SHA256: 33f5dc3df2c4e1dfc5045f3b4335ccbd9fc2032b4ad97688b22c37cee2810864
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(160)(google_tag_manager["GTM-MVCHKSD"].macro(161))
})();
#26 JavaScript::Eval (size: 114) - SHA256: 7408bfae15334c50f5ad351a0aef23fc9b32e210eb733e4fab200fff0afe213a
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(169)(google_tag_manager["GTM-MVCHKSD"].macro(170))
})();
#27 JavaScript::Eval (size: 87) - SHA256: a3c9a803599757f98a8df74dce57f48349ebfa9be31fe39e9f43172848f884b2
(function() {
    return "1" === google_tag_manager["GTM-MVCHKSD"].macro(172)("das_nb") ? 1 : 0
})();
#28 JavaScript::Eval (size: 114) - SHA256: 42734d2cc44b3d002027315870c0bc4a1cd4530b5680fa8ff75791e21bdb4bca
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(180)(google_tag_manager["GTM-MVCHKSD"].macro(181))
})();
#29 JavaScript::Eval (size: 178) - SHA256: 00f849f8d5e9c621499931f688aaf7217c87a1eb012e6bc584d9c25e170f2078
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(186);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#30 JavaScript::Eval (size: 112) - SHA256: 8d53e6d72b686409e6e1f3564e227d1b0852d2e0c5d16bcfe11b5a8e49e480ab
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(43)(google_tag_manager["GTM-MVCHKSD"].macro(44))
})();
#31 JavaScript::Eval (size: 112) - SHA256: a8dde758df821805dc2b71afa6c46c852689a1316a1fd356b99ccee4e63c62ff
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(81)(google_tag_manager["GTM-MVCHKSD"].macro(82))
})();
#32 JavaScript::Eval (size: 170) - SHA256: 66eb3b6b4a250e491fc93ded45be4780bb37f1c80d2ae62e6fa4d02ca1ec11ab
(function() {
    var a = window.location.search.toLowerCase();
    a = a.replace(/=/g, '":"').replace(/&/g, '","').replace("?", "");
    a = '{"' + a + '"}';
    return JSON.parse(a).sfmc_activityid
})();
#33 JavaScript::Eval (size: 114) - SHA256: 06d46debe892f4fde8fc2e403777c5bad60010ac749411c02153583bf5d725c8
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(190)(google_tag_manager["GTM-MVCHKSD"].macro(191))
})();
#34 JavaScript::Eval (size: 112) - SHA256: 0d71ffa0227bdef55aa3621726e72d0b61cf780c7bdaae791087f77d55c84225
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(34)(google_tag_manager["GTM-MVCHKSD"].macro(35))
})();
#35 JavaScript::Eval (size: 178) - SHA256: 7f6522b341afc3e061773429a016707039cdeb00783dd740ab5513556b95475f
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(100);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#36 JavaScript::Eval (size: 114) - SHA256: 324dc0f801de0df027af2b8f70f86db286893bcdc766dc6295443d7031078470
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(157)(google_tag_manager["GTM-MVCHKSD"].macro(158))
})();
#37 JavaScript::Eval (size: 329) - SHA256: bf3b792d82cd59d42be7d1236851460a136ee42cedfb418e8209320f8acb7585
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(152)) return google_tag_manager["GTM-MVCHKSD"].macro(153);
    if (google_tag_manager["GTM-MVCHKSD"].macro(156) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(159)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(162))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#38 JavaScript::Eval (size: 5510) - SHA256: 7a8edf75256d6c2435903a15f4465b0c5b8a42b9b5894c66c462d6cd334f409c
(function() {
    var a = "3ds.abanca.com 3ds.alfabank.by 3ds.altynbank.kz 3ds.bankrbk.kz 3ds.borica.bg 3ds.bov.com 3ds.cafis-paynet.jp 3ds.cardservices.center 3ds.cathaybk.com.tw 3ds.consorsfinanz.de 3ds.egcp.com 3ds.kombank.com 3ds.kredobank.com.ua 3ds.open.ru 3ds.oschadbank.ua 3ds.payment.ru 3ds.priorbank.by 3ds.qnb.com 3ds.rpc-raiffeisen.com 3ds.sdm.ru 3ds.sia.eu 3ds.vinea.es 3ds.zenit.ru 3ds2.checkout.com 3ds2.open.ru 3ds2.ukrsibbank.com 3ds2-idcheck.acdcproc.com 3ds2-visasecure.acdcproc.com 3ds-a.live.ext.prod.enfuce.com 3ds-b.live.ext.prod.enfuce.com 3dsec.cardcenter.ch 3dsec.postfinance.ch 3dsecure.bcc.kz 3dsecure.bnpparibas.pl 3dsecure.cartasi.it 3dsecure.cartasi.it 3dsecure.cgbchina.com.cn 3dsecure.csas.cz 3dsecure.fr.ing.com 3dsecure.ing.ro 3dsecure.mbank.cz 3dsecure.mbank.pl 3dsecure.mbank.sk 3dsecure.pl.ing.com 3dsecure.psa.at 3dsecure.qiib.com.qa 3dsecure.raiffeisen.al 3dsecure.raiffeisenbank.rs 3dsecure.s-id-check-sparkassen.de 3dsecure.slsp.sk 3dsecure.tatrabanka.sk 3dsecure.unibank.az 3dsecure.yoomoney.ru 3dsecure.zen.com 3dsecure-1.wirecard.com 3dsecure2.credit-agricole.pl 3dsecure2.csas.cz 3dsecure2.halykbank.kz 3dsecure2.optimabank.kg 3dsecure2.vietcombank.com.vn 3dsecure-2.wirecard.com 3dsecure-korporacje.mbank.pl 3dsecure-vrp.de 3ds-hanseaticbank.de 3ds-n1.nbg.gr 3ds-n2.nbg.gr 3ds-n3.nbg.gr 3dsp2v.vtb.ru 3ds-pay.sberbank.kz 3dspayment.easybank.at 3dspayment.paylife.at 3dss.hpb.hr 3ds-secure.cardcomplete.com 3dssg.ocbc.com 78zd31yuezqzy5wkjtunafdwmtjee7.3dspx.bankcheckcode.com 79qjdkcsa7suimmizvre3tmjgwpqun.3dspx.bankcheckcode.com acs.3dsecure.az acs.ababank.com acs.airplus.com acs.alfabank.kiev.ua acs.alfabank.ru acs.bccard.com acs.bspb.ru acs.capitalone.com acs.cardpay.com acs.centrinvest.ru acs.creditdnepr.com acs.cupdata.com acs.eximb.com acs.fio.cz acs.fssnet.co.in acs.fuib.com acs.hanacard.co.kr acs.kapital24.uz acs.luminorgroup.com acs.mashreq.com acs.mercurypaymentservices.it acs.netsgroup.com acs.paymaya.com acs.redbanc.cl acs.rsb.ru acs.shinhancard.com acs.sia.eu acs.sibs.pt acs.spdb.com.cn acs.swisscard.ch acs.tbcbank.ge acs.touch.tech acs.upc.ua acs.wooricard.com acs1.3ds.modirum.com acs1.3dsecure.no acs1.edb.com acs1.sbrf.ru acs1.viseca.ch acs1-3dsecure.cic.fr acs1-3dsecure.cm-cic.com acs1-3dsecure.creditmutuel.fr acs1-3dsecure.targobank.de acs2.agillitas.com.br acs2.arca.am acs2.bgpb.by acs2.bspb.ru acs2.creditcard.ecitic.com acs2.edb.com acs2.gpesecure.com acs2.libertybank.ge acs2.nbu.uz acs2.nedsecure.co.za acs2.quipu.de acs2.rba.hr acs2.sbrf.ru acs2.six-payment-services.com acs2.uralsib.ru acs2-3dsecure.cic.fr acs2-3dsecure.cm-cic.com acs2-3dsecure.creditmutuel.fr acs2-3dsecure.targobank.de acs2c.ukrcard.com.ua acs2-concord.procard.ua acs2mc.multicarta.ru acs2v.multicarta.ru acs3.sbrf.ru acs3d.fisc.com.tw acs4.3dsecure.no acs4.privatbank.ua acs4.sbrf.ru acs6.unicredit.ru acsds.eubank.kz acs-jcn.dnp-cdms.jp acsm2.centrum24.pl acspa.petafuel.net acssv.ckb.me acssv.dskbank.bg acssv.otpbank.al acssv.otpbank.hu acs-trides2.asseco-see.hr acsus1.netsgroup.com acsv2.cardstandard.ru acsweb.novabanka.com authentication-acs.marqeta.com belgium-3ds-bxl.wlp-acs.com belgium-3ds-vdm.wlp-acs.com bfcoi-3ds-bxl.wlp-acs.com bfcoi-3ds-vdm.wlp-acs.com bnpp-3ds.wlp-acs.com bnpp-3ds-bxl.wlp-acs.com bnpp-3ds-vdm.wlp-acs.com boursorama-3ds-bxl.wlp-acs.com boursorama-3ds-vdm.wlp-acs.com bps.3dsecure.itcard.pl bred-3ds-bxl.wlp-acs.com bred-3ds-vdm.wlp-acs.com cacs-v2.icard.com cbc-bxl.wlp-acs.com cdn-3ds-bxl.wlp-acs.com cdn-3ds-vdm.wlp-acs.com coapacs2c.pingan.com.cn credit-mutuel-3ds.wlp-acs.com credit-mutuel-3ds-bxl.wlp-acs.com credit-mutuel-3ds-vdm.wlp-acs.com crqsbiacs.sbi danskebank-3ds-bxl.wlp-acs.com danskebank-3ds-vdm.wlp-acs.com emv3ds.npc.by emv3ds.npc.by emv3ds-acs.nccc.com.tw emv3ds-acs.taipeifubon.com.tw emv3dsauth1.secureacs.com emv3dsweb.santander.com.br emvacs.2c2p.com emvacs.bkm.com.tr emvacs.qiwi.com eu.3ds.acssecure.com fscd3dsprod.bci.cl gbemv3dsecure.garanti.com.tr german-3ds-bxl.wlp-acs.com german-3ds-vdm.wlp-acs.com gnb.3dsecure.itcard.pl hsbc-3ds-bxl.wlp-acs.com hsbc-3ds-vdm.wlp-acs.com ipcacs.bps-sberbank.by labanquepostale-3ds-bxl.wlp-acs.com labanquepostale-3ds-vdm.wlp-acs.com luxembourg-3ds-bxl.wlp-acs.com luxembourg-3ds-vdm.wlp-acs.com lv-worldline-3ds-bxl.wlp-acs.com lv-worldline-3ds-vdm.wlp-acs.com mafrenchbank-3ds-bxl.wlp-acs.com mafrenchbank-3ds-vdm.wlp-acs.com mail.acscloud.it mastercard2.acs.cmbchina.com metlacspa-my.sharepoint.com natixispaymentsolutions-3ds-bxl.wlp-acs.com natixispaymentsolutions-3ds-vdm.wlp-acs.com op-bxl.wlp-acs.com optpf-3ds-vdm.wlp-acs.com op-vdm.wlp-acs.com pca3ds.gbp.ma postbank-3ds-bxl.wlp-acs.com postbank-3ds-vdm.wlp-acs.com primeacs.nouvobanq.com roemv3dsecure.garantibank.ro rsa3dsauth.co.uk rsa3dsauth.com secure.3ds.bonuscard.ch secure.3ds.cornercard.ch secure.3ds.cornercard.eu secure-acs2ui-b1-indblr-blrtdc.wibmo.com secure-acs2ui-b1-indmum-mumrdc.wibmo.com sg-3ds-bxl.wlp-acs.com sg-3ds-vdm.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa-bxl.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa-vdm.wlp-acs.com tas-conductor-acs2.com test3dsecure.cartasi.it testacs.cardnet-tds.com uobs3dsg2.uobgroup.com uobt3dsg2.uobgroup.com vacsverify.unionpay.com visa2.acs.cmbchina.com masterpass.com secure7.arcot.com".split(" "),
        b = /https?:\/\/([^/:]+)/.exec(google_tag_manager["GTM-MVCHKSD"].macro(164));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp("^" + a[c] + "$")).test(b[1])) return null;
    return google_tag_manager["GTM-MVCHKSD"].macro(165)
})();
#39 JavaScript::Eval (size: 75) - SHA256: b8276d8c04a4d4ffb0df32307dc40c3f5f3a6d59ac49be6f3c0c8242fa09688a
(function() {
    return 1 == google_tag_manager["GTM-MVCHKSD"].macro(171) ? 1 : 0
})();
#40 JavaScript::Eval (size: 114) - SHA256: 834f58d9dad59323155bb1289dc3c7c017494d4e27aa032e60e90e4f4247b7b4
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(192)(google_tag_manager["GTM-MVCHKSD"].macro(193))
})();
#41 JavaScript::Eval (size: 329) - SHA256: c31b3ad9c89f4d568cad2c9345306be1ff0e1d24a3a46a585fd35ec0413314af
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(114)) return google_tag_manager["GTM-MVCHKSD"].macro(115);
    if (google_tag_manager["GTM-MVCHKSD"].macro(118) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(121)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(124))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#42 JavaScript::Eval (size: 114) - SHA256: 71562e7fef8caf0b56d0a37959743bb277b426b78ac6e299a14407700515a766
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(141)(google_tag_manager["GTM-MVCHKSD"].macro(142))
})();
#43 JavaScript::Eval (size: 114) - SHA256: ceab570786dc5c9e17ec62e71acdd0a7eb0e1e400cccc467624941c1af8178e7
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(154)(google_tag_manager["GTM-MVCHKSD"].macro(155))
})();
#44 JavaScript::Eval (size: 75) - SHA256: 56c7ff4324b296001e6f149bc697e87688a678e0025fc763fb44eb0706687013
(function() {
    return 1 == google_tag_manager["GTM-MVCHKSD"].macro(194) ? 1 : 0
})();
#45 JavaScript::Eval (size: 120) - SHA256: 672568d489cfbe96d54dd29237cda4b546fee8eaa28ce6340530e05a3ffdbb83
(function() {
    var b = function(a) {
        if (a = document.cookie.match(new RegExp("(^| )" + a + "\x3d([^;]+)"))) return a[2]
    };
    return b
})();
#46 JavaScript::Eval (size: 112) - SHA256: 1bf1193cab249cc6ca2313584fa15680d42d86bfcc91f49c276f944f10150494
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(74)(google_tag_manager["GTM-MVCHKSD"].macro(75))
})();
#47 JavaScript::Eval (size: 114) - SHA256: 57bc80c23ba6e8bbe0a6e6b7bc09a68b7d79b5b5c23be92a857eae64c63c47e4
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(109)(google_tag_manager["GTM-MVCHKSD"].macro(110))
})();
#48 JavaScript::Eval (size: 114) - SHA256: ac430862d50dbca6817b2d183c84729b8f5fac0263fd58d41824abcb2416db5b
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(122)(google_tag_manager["GTM-MVCHKSD"].macro(123))
})();
#49 JavaScript::Eval (size: 329) - SHA256: b9ed1f06216cce6b2deec9475342e0d4a98d2e5d7fbac68847d448c14f75de16
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(127)) return google_tag_manager["GTM-MVCHKSD"].macro(128);
    if (google_tag_manager["GTM-MVCHKSD"].macro(131) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(134)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(137))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#50 JavaScript::Eval (size: 114) - SHA256: 9c6d7f72d529e4e83696e55822dc3f79a4daa89f08a41b3e8ed0b97fe74373b1
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(144)(google_tag_manager["GTM-MVCHKSD"].macro(145))
})();
#51 JavaScript::Eval (size: 114) - SHA256: 1e571d261dc463459a647034fb46029a026e2389bd14d8589a5c29f862c7daa9
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(183)(google_tag_manager["GTM-MVCHKSD"].macro(184))
})();
#52 JavaScript::Eval (size: 22) - SHA256: 402e82e4156ccb59ff4c82fa91888cec66203cf0adcfd6c409930c11ba6a3c8b
0,
function(H) {
    Sm(H, 2)
}
#53 JavaScript::Eval (size: 112) - SHA256: d8be381dbbde32db968ee533b60fc7b5a6dde4130e3f6e371096d19e3ca598e5
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(10)(google_tag_manager["GTM-MVCHKSD"].macro(11))
})();
#54 JavaScript::Eval (size: 324) - SHA256: d4e7b02d5a9bd436a3cb07ae9c6c8d9e399fbbf335ad3ed569c25934f25dd3c9
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(14)) return google_tag_manager["GTM-MVCHKSD"].macro(15);
    if (google_tag_manager["GTM-MVCHKSD"].macro(18) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(21)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(24))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#55 JavaScript::Eval (size: 88) - SHA256: 19069fc252f03ae3c3e9b612a57414dade7f16b2fd1647f6b20325b7e51e765f
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(49);
    return a.amazon ? !0 : !1
})();
#56 JavaScript::Eval (size: 80) - SHA256: 0396846351a4c8089dad2baf9b3d39fa7471928a2413715264591e6ee223d3e8
(function() {
    return void 0 === google_tag_manager["GTM-MVCHKSD"].macro(80) ? 0 : 1
})();
#57 JavaScript::Eval (size: 112) - SHA256: cfbb23f4cc6bb16340bdf1ca4767b019fe5d1dbd94877b0d4bc9a9f1f21bd5e5
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(83)(google_tag_manager["GTM-MVCHKSD"].macro(84))
})();
#58 JavaScript::Eval (size: 112) - SHA256: c5e459c07fbd3a5ba47510e8515ede7793cefa2f30b56b2377040b42968b4d47
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(97)(google_tag_manager["GTM-MVCHKSD"].macro(98))
})();
#59 JavaScript::Eval (size: 114) - SHA256: 410d95587f2dd5dd6efb70d921d09896a3608eff51901a4bba8bff403f660359
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(116)(google_tag_manager["GTM-MVCHKSD"].macro(117))
})();
#60 JavaScript::Eval (size: 329) - SHA256: d9ccb3977b059ae999922c9f08982f016303699448362b72e2beffb08c3f5001
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(139)) return google_tag_manager["GTM-MVCHKSD"].macro(140);
    if (google_tag_manager["GTM-MVCHKSD"].macro(143) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(146)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(149))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#61 JavaScript::Eval (size: 320) - SHA256: 8e41431f03597a0e757cc8211512c4caddc676da2e3ffaf5b16946483e687ae8
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(2)) return google_tag_manager["GTM-MVCHKSD"].macro(3);
    if (google_tag_manager["GTM-MVCHKSD"].macro(6) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(9)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(12))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#62 JavaScript::Eval (size: 177) - SHA256: 18c369ddcf4b931cd927b04400a39e66ac0201560b7e0b64c18a975156bd7ab0
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(25);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#63 JavaScript::Eval (size: 114) - SHA256: 5a470d33f65cb5b07a4be9b8d771dac17f5e5242ac56ec760a5752fd6eaed3d1
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(147)(google_tag_manager["GTM-MVCHKSD"].macro(148))
})();
#64 JavaScript::Eval (size: 112) - SHA256: 46b99f1f1961b7d30ad7921247584bbdcdb605fb34b655f8d59289f0c42f0fdd
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(28)(google_tag_manager["GTM-MVCHKSD"].macro(29))
})();
#65 JavaScript::Eval (size: 324) - SHA256: 06e3c05ee0932166ca09176eed3904b404b56e5cc22e6748920fe6808e61186f
(function() {
    if (google_tag_manager["GTM-MVCHKSD"].macro(66)) return google_tag_manager["GTM-MVCHKSD"].macro(67);
    if (google_tag_manager["GTM-MVCHKSD"].macro(70) && "not accepted" != google_tag_manager["GTM-MVCHKSD"].macro(73)) try {
        return JSON.parse(google_tag_manager["GTM-MVCHKSD"].macro(76))
    } catch (a) {
        console.error(a)
    }
    return {}
})();
#66 JavaScript::Eval (size: 178) - SHA256: c7e2764acd8049aadb7b9b16dcdbaad6bec1a32d73ff36b9a83a5eccf202e204
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(112);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#67 JavaScript::Eval (size: 5510) - SHA256: 7d5ed7926c16e0070731b778d06fbdb59e67d5a30e530ff915b237bba42f883b
(function() {
    var a = "3ds.abanca.com 3ds.alfabank.by 3ds.altynbank.kz 3ds.bankrbk.kz 3ds.borica.bg 3ds.bov.com 3ds.cafis-paynet.jp 3ds.cardservices.center 3ds.cathaybk.com.tw 3ds.consorsfinanz.de 3ds.egcp.com 3ds.kombank.com 3ds.kredobank.com.ua 3ds.open.ru 3ds.oschadbank.ua 3ds.payment.ru 3ds.priorbank.by 3ds.qnb.com 3ds.rpc-raiffeisen.com 3ds.sdm.ru 3ds.sia.eu 3ds.vinea.es 3ds.zenit.ru 3ds2.checkout.com 3ds2.open.ru 3ds2.ukrsibbank.com 3ds2-idcheck.acdcproc.com 3ds2-visasecure.acdcproc.com 3ds-a.live.ext.prod.enfuce.com 3ds-b.live.ext.prod.enfuce.com 3dsec.cardcenter.ch 3dsec.postfinance.ch 3dsecure.bcc.kz 3dsecure.bnpparibas.pl 3dsecure.cartasi.it 3dsecure.cartasi.it 3dsecure.cgbchina.com.cn 3dsecure.csas.cz 3dsecure.fr.ing.com 3dsecure.ing.ro 3dsecure.mbank.cz 3dsecure.mbank.pl 3dsecure.mbank.sk 3dsecure.pl.ing.com 3dsecure.psa.at 3dsecure.qiib.com.qa 3dsecure.raiffeisen.al 3dsecure.raiffeisenbank.rs 3dsecure.s-id-check-sparkassen.de 3dsecure.slsp.sk 3dsecure.tatrabanka.sk 3dsecure.unibank.az 3dsecure.yoomoney.ru 3dsecure.zen.com 3dsecure-1.wirecard.com 3dsecure2.credit-agricole.pl 3dsecure2.csas.cz 3dsecure2.halykbank.kz 3dsecure2.optimabank.kg 3dsecure2.vietcombank.com.vn 3dsecure-2.wirecard.com 3dsecure-korporacje.mbank.pl 3dsecure-vrp.de 3ds-hanseaticbank.de 3ds-n1.nbg.gr 3ds-n2.nbg.gr 3ds-n3.nbg.gr 3dsp2v.vtb.ru 3ds-pay.sberbank.kz 3dspayment.easybank.at 3dspayment.paylife.at 3dss.hpb.hr 3ds-secure.cardcomplete.com 3dssg.ocbc.com 78zd31yuezqzy5wkjtunafdwmtjee7.3dspx.bankcheckcode.com 79qjdkcsa7suimmizvre3tmjgwpqun.3dspx.bankcheckcode.com acs.3dsecure.az acs.ababank.com acs.airplus.com acs.alfabank.kiev.ua acs.alfabank.ru acs.bccard.com acs.bspb.ru acs.capitalone.com acs.cardpay.com acs.centrinvest.ru acs.creditdnepr.com acs.cupdata.com acs.eximb.com acs.fio.cz acs.fssnet.co.in acs.fuib.com acs.hanacard.co.kr acs.kapital24.uz acs.luminorgroup.com acs.mashreq.com acs.mercurypaymentservices.it acs.netsgroup.com acs.paymaya.com acs.redbanc.cl acs.rsb.ru acs.shinhancard.com acs.sia.eu acs.sibs.pt acs.spdb.com.cn acs.swisscard.ch acs.tbcbank.ge acs.touch.tech acs.upc.ua acs.wooricard.com acs1.3ds.modirum.com acs1.3dsecure.no acs1.edb.com acs1.sbrf.ru acs1.viseca.ch acs1-3dsecure.cic.fr acs1-3dsecure.cm-cic.com acs1-3dsecure.creditmutuel.fr acs1-3dsecure.targobank.de acs2.agillitas.com.br acs2.arca.am acs2.bgpb.by acs2.bspb.ru acs2.creditcard.ecitic.com acs2.edb.com acs2.gpesecure.com acs2.libertybank.ge acs2.nbu.uz acs2.nedsecure.co.za acs2.quipu.de acs2.rba.hr acs2.sbrf.ru acs2.six-payment-services.com acs2.uralsib.ru acs2-3dsecure.cic.fr acs2-3dsecure.cm-cic.com acs2-3dsecure.creditmutuel.fr acs2-3dsecure.targobank.de acs2c.ukrcard.com.ua acs2-concord.procard.ua acs2mc.multicarta.ru acs2v.multicarta.ru acs3.sbrf.ru acs3d.fisc.com.tw acs4.3dsecure.no acs4.privatbank.ua acs4.sbrf.ru acs6.unicredit.ru acsds.eubank.kz acs-jcn.dnp-cdms.jp acsm2.centrum24.pl acspa.petafuel.net acssv.ckb.me acssv.dskbank.bg acssv.otpbank.al acssv.otpbank.hu acs-trides2.asseco-see.hr acsus1.netsgroup.com acsv2.cardstandard.ru acsweb.novabanka.com authentication-acs.marqeta.com belgium-3ds-bxl.wlp-acs.com belgium-3ds-vdm.wlp-acs.com bfcoi-3ds-bxl.wlp-acs.com bfcoi-3ds-vdm.wlp-acs.com bnpp-3ds.wlp-acs.com bnpp-3ds-bxl.wlp-acs.com bnpp-3ds-vdm.wlp-acs.com boursorama-3ds-bxl.wlp-acs.com boursorama-3ds-vdm.wlp-acs.com bps.3dsecure.itcard.pl bred-3ds-bxl.wlp-acs.com bred-3ds-vdm.wlp-acs.com cacs-v2.icard.com cbc-bxl.wlp-acs.com cdn-3ds-bxl.wlp-acs.com cdn-3ds-vdm.wlp-acs.com coapacs2c.pingan.com.cn credit-mutuel-3ds.wlp-acs.com credit-mutuel-3ds-bxl.wlp-acs.com credit-mutuel-3ds-vdm.wlp-acs.com crqsbiacs.sbi danskebank-3ds-bxl.wlp-acs.com danskebank-3ds-vdm.wlp-acs.com emv3ds.npc.by emv3ds.npc.by emv3ds-acs.nccc.com.tw emv3ds-acs.taipeifubon.com.tw emv3dsauth1.secureacs.com emv3dsweb.santander.com.br emvacs.2c2p.com emvacs.bkm.com.tr emvacs.qiwi.com eu.3ds.acssecure.com fscd3dsprod.bci.cl gbemv3dsecure.garanti.com.tr german-3ds-bxl.wlp-acs.com german-3ds-vdm.wlp-acs.com gnb.3dsecure.itcard.pl hsbc-3ds-bxl.wlp-acs.com hsbc-3ds-vdm.wlp-acs.com ipcacs.bps-sberbank.by labanquepostale-3ds-bxl.wlp-acs.com labanquepostale-3ds-vdm.wlp-acs.com luxembourg-3ds-bxl.wlp-acs.com luxembourg-3ds-vdm.wlp-acs.com lv-worldline-3ds-bxl.wlp-acs.com lv-worldline-3ds-vdm.wlp-acs.com mafrenchbank-3ds-bxl.wlp-acs.com mafrenchbank-3ds-vdm.wlp-acs.com mail.acscloud.it mastercard2.acs.cmbchina.com metlacspa-my.sharepoint.com natixispaymentsolutions-3ds-bxl.wlp-acs.com natixispaymentsolutions-3ds-vdm.wlp-acs.com op-bxl.wlp-acs.com optpf-3ds-vdm.wlp-acs.com op-vdm.wlp-acs.com pca3ds.gbp.ma postbank-3ds-bxl.wlp-acs.com postbank-3ds-vdm.wlp-acs.com primeacs.nouvobanq.com roemv3dsecure.garantibank.ro rsa3dsauth.co.uk rsa3dsauth.com secure.3ds.bonuscard.ch secure.3ds.cornercard.ch secure.3ds.cornercard.eu secure-acs2ui-b1-indblr-blrtdc.wibmo.com secure-acs2ui-b1-indmum-mumrdc.wibmo.com sg-3ds-bxl.wlp-acs.com sg-3ds-vdm.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa-bxl.wlp-acs.com ssl-prd-u7f-fo-acs-pa-casa-vdm.wlp-acs.com tas-conductor-acs2.com test3dsecure.cartasi.it testacs.cardnet-tds.com uobs3dsg2.uobgroup.com uobt3dsg2.uobgroup.com vacsverify.unionpay.com visa2.acs.cmbchina.com masterpass.com secure7.arcot.com".split(" "),
        b = /https?:\/\/([^/:]+)/.exec(google_tag_manager["GTM-MVCHKSD"].macro(187));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp("^" + a[c] + "$")).test(b[1])) return null;
    return google_tag_manager["GTM-MVCHKSD"].macro(188)
})();
#68 JavaScript::Eval (size: 80) - SHA256: 8a22d5c478028b01f184a1a07b56c17b810ec12bed1b1967719da33b0482891d
(function() {
    return void 0 === google_tag_manager["GTM-MVCHKSD"].macro(51) ? 0 : 1
})();
#69 JavaScript::Eval (size: 112) - SHA256: 173d5c8a8b4ade00c6633996571d2648a30c51b425385411f6c8a2e9e0e17eed
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(68)(google_tag_manager["GTM-MVCHKSD"].macro(69))
})();
#70 JavaScript::Eval (size: 178) - SHA256: a509c671944b71e3ed4219026cbf4604b7d2114869f946a77b71ea1550e74f17
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(138);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#71 JavaScript::Eval (size: 114) - SHA256: a3213745832a1a2f0cd8ee7bd3d81d643a596f990dc539ff4c7ee9a1d191d272
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(167)(google_tag_manager["GTM-MVCHKSD"].macro(168))
})();
#72 JavaScript::Eval (size: 112) - SHA256: eb3e305b2209934dcf3d9503cb786a82185eaa11d03d723e1223d3e809b34ba1
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(52)(google_tag_manager["GTM-MVCHKSD"].macro(53))
})();
#73 JavaScript::Eval (size: 112) - SHA256: d85e86d7d431f1807b527e1c9f6ddbb822975c6ae0d6ae416dab7bc78083373c
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(71)(google_tag_manager["GTM-MVCHKSD"].macro(72))
})();
#74 JavaScript::Eval (size: 74) - SHA256: 635f37009d1d589a1e96be25aa496989df8bf8289e88c63940b578a7945e04ee
(function() {
    return 1 == google_tag_manager["GTM-MVCHKSD"].macro(85) ? 1 : 0
})();
#75 JavaScript::Eval (size: 114) - SHA256: 89b6b7d53e1916d15c9d58c3d2116217eb8aecc54e359c8ec3bf1ee3c1f4752e
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(132)(google_tag_manager["GTM-MVCHKSD"].macro(133))
})();
#76 JavaScript::Eval (size: 114) - SHA256: b27ff4f97deff7c8077e78e4f99c5deb7967b84fb88a0118b72fac4b82e45dba
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(135)(google_tag_manager["GTM-MVCHKSD"].macro(136))
})();
#77 JavaScript::Eval (size: 114) - SHA256: 1b1ab3997ab4ca073a2ffc5f2e153cfa7b2d7bd8b479584053ea20f4f43f179c
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(177)(google_tag_manager["GTM-MVCHKSD"].macro(178))
})();
#78 JavaScript::Eval (size: 112) - SHA256: ae9a4422ba360cb71a9c6af2b7c183a1aa9d5e4ddbb4e94195ac22b6dddfbe2d
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(31)(google_tag_manager["GTM-MVCHKSD"].macro(32))
})();
#79 JavaScript::Eval (size: 47) - SHA256: f87e616f58d4ecdca7aa7920b87e64c95ac35360f79957d1c54c5cc416b93131
(function() {
    return window.devicePixelRatio
})();
#80 JavaScript::Eval (size: 112) - SHA256: 1e5ab6a6ebc5d1d6f27da70a9f2946fa436d3c05930dbcf6afea0d91af2c670f
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(91)(google_tag_manager["GTM-MVCHKSD"].macro(92))
})();
#81 JavaScript::Eval (size: 114) - SHA256: d4c67e2b200f3ebfbcb2c62fe97d7b225f6426f25824d8183c7b932ee6767c41
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(106)(google_tag_manager["GTM-MVCHKSD"].macro(107))
})();
#82 JavaScript::Eval (size: 22) - SHA256: 7b2d5929e3715c281515139b01f46779e30171443e70764044a3a24f53c1f5aa
0,
function(H) {
    Sm(H, 1)
}
#83 JavaScript::Eval (size: 114) - SHA256: 53d170ef0611f786e43881dc9ba4d1ae87d43ded36dddf2317dbccc839325a12
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(129)(google_tag_manager["GTM-MVCHKSD"].macro(130))
})();
#84 JavaScript::Eval (size: 64) - SHA256: c0df8d2d49fd7cdf41d99c3042e41028b23a9c484615d4cb91aa84dbe028c1fd
0,
function(H, G, c) {
    S((c = (G = (c = w(H), w(H)), H).R[c] && k(H, c), G), H, c)
}
#85 JavaScript::Eval (size: 110) - SHA256: 4b1860e7ee65d1a19d506409906fef2aba50cc4bbcfa64ef7b652d382d3da7a6
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(4)(google_tag_manager["GTM-MVCHKSD"].macro(5))
})();
#86 JavaScript::Eval (size: 112) - SHA256: 32b672228a98c317c5528e285d7ffa864e46a2664419ff9c5ce3fcafc99ebd05
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(16)(google_tag_manager["GTM-MVCHKSD"].macro(17))
})();
#87 JavaScript::Eval (size: 112) - SHA256: 6606e4fc28d2230b6d20f088baa2db76deffbe5948203f7b32983e4c92f3718b
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(19)(google_tag_manager["GTM-MVCHKSD"].macro(20))
})();
#88 JavaScript::Eval (size: 112) - SHA256: 1c02f2a95c99c1f1a5b3982c43d8113466b6e8bda26ff84424e7549f2eb00db9
(function() {
    return google_tag_manager["GTM-MVCHKSD"].macro(55)(google_tag_manager["GTM-MVCHKSD"].macro(56))
})();
#89 JavaScript::Eval (size: 177) - SHA256: 6ab1b3fe9a74f612dac3ed20a9b4701815444e7fad500e9e2035ca11cb32dedb
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(77);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#90 JavaScript::Eval (size: 178) - SHA256: f3919d438b3e9b380722cdb58c273076a9ae16c5b669f304aba8979afb3fd4df
(function() {
    var a = google_tag_manager["GTM-MVCHKSD"].macro(163);
    return a.adform && a.doubleclick && a.facebook && a.amazon && a.twitter && a.googleadservice && a.bingads && a.zemanta ? !0 : !1
})();
#91 JavaScript::Eval (size: 81) - SHA256: 5fe4c6c38413e679b0b0041816ea34323bebcb502859d706565b9f4a9aecf838
(function() {
    return void 0 === google_tag_manager["GTM-MVCHKSD"].macro(189) ? 0 : 1
})();

Executed Writes (0)


HTTP Transactions (86)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: ftp.info-nexi-key.myddns.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.125.66.70
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 02 Sep 2022 04:48:28 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 120
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   120
Md5:    7c0bde3a8f9710465f306038610055b9
Sha1:   965b90ce1eb8c916cfe84bd3bc9bb59245834b50
Sha256: cfd6c7b91ed696996645b99b8355cf692c193b8f201d645c8a9667e6f9d6781e

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 04:41:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CM-3r2VB4JMLHw9zqX2KCSS1HBxIEwWN6D1L2pYgMekaSAhf9n9iTA==
Age: 409


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15814
Expires: Fri, 02 Sep 2022 09:12:02 GMT
Date: Fri, 02 Sep 2022 04:48:28 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M9SLsp096gwhJxloUTAlqBJBrk5zAWeZxCJdg9aQico5kr1Fe49nGA==
age: 12791
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Sep 2022 04:48:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:28 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Sep 2022 03:52:11 GMT
ETag: "477a521af5b3f66c6bb9c71ef25c7c10542af47e"
Last-Modified: Fri, 02 Sep 2022 03:52:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 81
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74439d14ad0bb4eb-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    45d8b6286016d190bdaa6e001fed42f7
Sha1:   477a521af5b3f66c6bb9c71ef25c7c10542af47e
Sha256: e2710a86ee83a336711ae377585df7a84953b95e84bc6e6848ec3826d59c5c5a
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 04:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 05:11:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -IcrzZ34bs_71z5_UtVL3n7VyV98OfaSIAxZj7mMwsMau7Tp816rJA==
Age: 613


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Fri, 02 Sep 2022 03:36:39 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /9dd8bdfc74c3/cd37bd923e2c/launch-a40afd213c32.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "8ea4dd166972a807f089f169e8c4d349:1649164291.270241"
last-modified: Tue, 05 Apr 2022 13:11:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Fri, 02 Sep 2022 05:48:29 GMT
date: Fri, 02 Sep 2022 04:48:29 GMT
content-length: 70944
access-control-allow-origin: https://www.nexi.it
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32746)
Size:   70944
Md5:    b3eb0d3a836e484762db3bf7ef3458c3
Sha1:   c6c2817370be9a81191d96ad2e5b7ce108fc86e3
Sha256: 1dba577a90c44faa7488c7d16b69d3d08457723dc29b7acf61acb240782b1129
                                        
                                            GET /gtm.js?id=GTM-MVCHKSD HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 04:48:29 GMT
expires: Fri, 02 Sep 2022 04:48:29 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (36044)
Size:   90494
Md5:    8ed61719bcc167b9bebcbb9acca10731
Sha1:   3b452cddeddc6e9e14d7181913ae5417b3f459c3
Sha256: 8ded1a75238019cb9ad0f68a88abe3fbfae699e3d3e2289f95733a0b38968be1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Fri, 02 Sep 2022 05:48:29 GMT
date: Fri, 02 Sep 2022 04:48:29 GMT
content-length: 12163
cache-control: no-cache
access-control-allow-origin: https://www.nexi.it
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   12163
Md5:    e616df092766c7ab7904619f971a35cc
Sha1:   a960429c42802a43e3ce728fc4d1e8bdab10e606
Sha256: 082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
                                        
                                            GET /etc/designs/icbpi-common/libs/jquery-3.5.1.min.js HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Tue, 26 Jul 2022 13:18:19 GMT
ETag: "15d84-5e4b522580637"
Accept-Ranges: bytes
Content-Length: 89476
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  ASCII text, with very long lines (65450), with CRLF line terminators
Size:   89476
Md5:    9ac39dc31635a363e377eda0f6fbe03f
Sha1:   29fa5ad995e9ec866ece1d3d0b698fc556580eee
Sha256: 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
                                        
                                            GET /etc/designs/nexi/clientlib-node/style.css HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:36 GMT
ETag: "8647c-5e766def3ddcf"
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (56247), with CRLF, LF line terminators
Size:   128938
Md5:    123952f27b67c67c6a00c288f4fc8f07
Sha1:   34c19013a1e5a271247d0b0f4d801dc415c5d39f
Sha256: c3461a97a37b02f702034115f0f177f97d3fa87756da8b69fc002b97684c4198
                                        
                                            GET /content/dam/nexi/new-login-2019/loghi/logo--light-double.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:00 GMT
ETag: "5c4-5e766e05efd27"
Accept-Ranges: bytes
Content-Length: 1476
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1476
Md5:    77ef18d95472ac80e6e86cf40daf8d4e
Sha1:   9289a4e6397fb8374db9532c00b684d0568c9e2c
Sha256: c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc
                                        
                                            GET /content/dam/nexi/new-login-2019/icons/app_store.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:29 GMT
ETag: "3dc8-5e766de882c0d"
Accept-Ranges: bytes
Content-Length: 15816
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1295)
Size:   15816
Md5:    d11b30ed05c8b249efe85b47532305c4
Sha1:   e2be0738062a412e6a31b6bc67ea983b1db98732
Sha256: 5e3c6b5c51b5fbf7691fa5d0adbcd05be694548d5f03aee7d59d7a8b092b5d27
                                        
                                            GET /content/dam/nexi/img/icone/svg/icon-close.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:38 GMT
ETag: "628-5e766df15fac5"
Accept-Ranges: bytes
Content-Length: 1576
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1576
Md5:    6a2b6418343e69fd866ebb827f33a2d6
Sha1:   4b6842649792e108920c211c2dca658e6f429734
Sha256: f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c
                                        
                                            GET /content/dam/nexi/img/icone/svg/icon-phone.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:08 GMT
ETag: "fb0-5e766e0dfa5db"
Accept-Ranges: bytes
Content-Length: 4016
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   4016
Md5:    ba155a06b6ed2efff975f38208ca03a7
Sha1:   e75f40d95197f19c38d900ac7c749857fbdb93f7
Sha256: 7e6f9ccce4ea514b53fb258d72b5682c74d1e81ef9148d3c406fbd03cfd56919
                                        
                                            GET /content/dam/nexi/img/icone/svg/icon-close-white.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:07 GMT
ETag: "637-5e766e0c170ea"
Accept-Ranges: bytes
Content-Length: 1591
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1591
Md5:    e61ea756f9b2ae7f774048dfbc85f1df
Sha1:   d50555f8f6e6882e1031332a76a48ab9709f13b1
Sha256: 32cde70fcb4ed6949904cec5ef9065adce2196b3e8216bb5874019a9efe96edd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6514
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Fri, 02 Sep 2022 02:59:55 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /content/dam/nexi/img/icone/svg/icon-phone-warning-white.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:08 GMT
ETag: "f29-5e766e0df8793"
Accept-Ranges: bytes
Content-Length: 3881
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   3881
Md5:    8ca4186994be106eea6423d4f2d9af10
Sha1:   4963eaacbdf6ba1cf7c529694ec488eea950bc92
Sha256: c8e1f312e86564f3d293bb04806f55d4296cc3342321655bb738d7d61eeeef22
                                        
                                            GET /content/dam/nexi/img/icone/svg/ico-down-blue.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:22 GMT
ETag: "382-5e766e1acb761"
Accept-Ranges: bytes
Content-Length: 898
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   898
Md5:    1b2dba4a014e4d4c5a8eec84e206663f
Sha1:   256506879ea3d3c18b65439a36611fb759893283
Sha256: d5ded7a91066c885b90252eb9849575a6c2f2e9c87d8748c496af886b731d3f8
                                        
                                            GET /content/dam/nexi/new-login-2019/icons/google_play.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:00 GMT
ETag: "62ff-5e766e05d4eac"
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24914)
Size:   25343
Md5:    9f366adad75cc2c3bf7d704939967a7b
Sha1:   54264a40ad66760e85e4a7407f78a94ccfe754d1
Sha256: ed313341bbd73a61ddacf268f494c9f85cb84e46f8954bde8a5260e21174f340
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /content/dam/nexi/img/icone/svg/icon-blocked.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:08 GMT
ETag: "3a7-5e766e0dfbe43"
Accept-Ranges: bytes
Content-Length: 935
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   935
Md5:    c3034188332fd8391df588c244a10a55
Sha1:   8a95344a40342edf303b04b994f1787dd2207efb
Sha256: 92751c1749c593c1ad2a7b61ff640b0dbb1a4c32db1981a523e5432cc35a029f
                                        
                                            GET /content/dam/nexi/new-login-2019/icons/huawei-store.svg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:08 GMT
ETag: "5675-5e766e0dc65d4"
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (18654)
Size:   22133
Md5:    c26df35adcfe9f354a77777ea613f41d
Sha1:   45f3282c28ae184c6a1811c21e08526c6c7dc45f
Sha256: a22ea2c13b8179c675566ef9ce7a77c663056b6147674c851d898b21f6c68ee6
                                        
                                            GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=6A724E255ED5F2A60A495E0E%40AdobeOrg&d_nsid=0&ts=1662094108471 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.154.199.204
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.nexi.it
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v038-0251275be.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=75817027522192538282243488981541671626; Max-Age=15552000; Expires=Wed, 01 Mar 2023 04:48:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: lk6wB/rsSdc=
Content-Length: 312
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (371), with no line terminators
Size:   312
Md5:    5f819f9c969c5c761a5f9b0f8c8e6189
Sha1:   a0df3415359becf63e9ba787fc928c5725daf134
Sha256: b1c36ec9222ad0fe1245b15a506866cd868d24f460c5455095531f52897823d0
                                        
                                            GET /recaptcha/api.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Fri, 02 Sep 2022 04:48:29 GMT
date: Fri, 02 Sep 2022 04:48:29 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   555
Md5:    20ea0fc27ddf01e53ed8882484fc01de
Sha1:   0ab2af2f82275ff31c78701aeaad55f702ac8a40
Sha256: f6bd5bccba08ad51ba7be815ff11f12155c7f507a37c690075b3e01dc25d6fcd
                                        
                                            GET /g78f9/in/35a637bcbb435062331fa6fd0a1de4af/2/1?t=1662094108 HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (11179), with no line terminators
Size:   5327
Md5:    b6f70bcaf626ef93d38143430e748a70
Sha1:   3c80903de4abd1954d5cb07e67e482ae8d0e9f73
Sha256: 9628f34fe7de6f1b30e00cf5c95446507012c824596bb953ed774ca6e78b9239
                                        
                                            GET /cookieservice/nexi-it/content.ckscript.js HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:26 GMT
ETag: "13da0-5e766de572b95"
Accept-Ranges: bytes
Content-Length: 81312
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9056)
Size:   81312
Md5:    0086b1d5a24deda2c6948cf98c1204c2
Sha1:   482b164ae2967c8dd8dbb622a29b49e9cc347d00
Sha256: 985d09a4efadc95d6807e63c203ebac79f5d7533de4109adf07dbc6ba9d2b72e
                                        
                                            GET /cookieservice/nexi-it/style.css HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:43 GMT
ETag: "52c6-5e766df5a1818"
Accept-Ranges: bytes
Content-Length: 6775
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   6775
Md5:    a44e7ee77847a1fc51c3d4fd03121997
Sha1:   38c8466690ee68cf72ade2deb45bbd6eb50848fe
Sha256: a16ecf05a07718b0abed8aa88376dc930fad915ca41e0565048d74741b431eaf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /etc/designs/nexi/clientlib-node/fonts/karbon-regular-webfont.woff HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:43 GMT
ETag: "5ef4-5e766df5476b0"
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 24308, version 1.0\012- data
Size:   24308
Md5:    e6b850dccbd545df306ea2f25452a124
Sha1:   08bdf0f61b8316130f85a2725dcbd7eb5a6dc750
Sha256: ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6
                                        
                                            GET /etc/designs/nexi/clientlib-node/fonts/karbon-medium-webfont.woff HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:42 GMT
ETag: "617c-5e766df4afce8"
Accept-Ranges: bytes
Content-Length: 24956
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 24956, version 1.0\012- data
Size:   24956
Md5:    034fa219154a0eed22d6ef6ebd89c3a9
Sha1:   c8574cf3bfc69f53392d916aef929ccc882a9386
Sha256: 4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259
                                        
                                            GET /etc/designs/nexi/clientlib-node/fonts/karbon-semibold-webfont.woff HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:41 GMT
ETag: "61c8-5e766df35d394"
Accept-Ranges: bytes
Content-Length: 25032
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 25032, version 1.0\012- data
Size:   25032
Md5:    4e893a43d47ba798763b8990f9e07180
Sha1:   9ac339e30beac18d0a4aaecce5b66a723ec46532
Sha256: 0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6
                                        
                                            GET /etc/designs/nexi/clientlib-node/bundle.js HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:11:54 GMT
ETag: "10a14d-5e766dffefa3d"
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65472)
Size:   1089869
Md5:    9d606006ec09aaf52ef34c1f5c3450e9
Sha1:   3066ccde6c8e2b8c26ec50ff374e0868c82d5ff7
Sha256: 37e18042907560da2dc851e4958ccf7d6d52ff930cadc7607956110fd796fe5c
                                        
                                            GET /content/dam/nexi/new-login-2019/img/placeholder_login_portale_privati.png HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CvVersion%7C5.4.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 02 Sep 2022 04:48:29 GMT
Last-Modified: Mon, 29 Aug 2022 20:13:13 GMT
ETag: "13bef4-5e766e4baee68"
Accept-Ranges: bytes
Content-Length: 1294068
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  PNG image data, 1440 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size:   1294068
Md5:    9b4f08a7eada2bd2112e81a742f5130d
Sha1:   f571a9a391a86bc0046aa9a299592a65e44cf4f1
Sha256: 4e78d7ff08366ee22738a94a7c0777add9bfa2363548916d32da8387e1c81a1e
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: nexipayments.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.154.32.144
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Fri, 2 Sep 2022 04:48:30 GMT
DCS: dcs-prod-irl1-2-v038-0a54615c3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 3 Aug 2022 12:12:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: gSzGG0RtRoE=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.239.38.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 02 Sep 2022 04:41:12 GMT
expires: Fri, 02 Sep 2022 06:41:12 GMT
cache-control: public, max-age=7200
age: 438
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /etc/designs/nexi/favicon/favicon-196x196.png HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.1.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:08 GMT
ETag: "627f-5e766e0dbaf07"
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Size:   25215
Md5:    3a0ce25384d4ea5734d25779bc8bd41a
Sha1:   62b5bd3bdeac213d075f7de99a2b96283717574e
Sha256: 77d497a3c716b3fb900f01e92bc5b6f0928c6040d30a3d88eb8a95df71c625cf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /etc/designs/nexi/favicon/favicon-16x16.png HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.1.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Last-Modified: Mon, 29 Aug 2022 20:12:00 GMT
ETag: "12c-5e766e0584984"
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   300
Md5:    200029b5e4fb2ebe6681acdc3c54f558
Sha1:   8f2eda5c64a7cfde221947a29fc6ffb57b11b772
Sha256: b6a9125da73f90564107299c92997b40c2ddba9bd37272c960b16932d5854e4d
                                        
                                            GET /recaptcha/releases/mBwkfBPLFWI0ygbsp8eJNMkw/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157730
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 16:27:28 GMT
expires: Tue, 29 Aug 2023 16:27:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 04:01:21 GMT
age: 303662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (613)
Size:   157730
Md5:    d27f59fd0d124cb313fe64dd5ba8b26c
Sha1:   05da0ecd3970a5a568305a51f1e38945cca7ab39
Sha256: 09b3f5846ef9e14fd2fb99c280cee6a25fc4c7c96e050e70cc754a96625de485
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 04:48:30 GMT
Last-Modified: Fri, 02 Sep 2022 04:00:33 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: d9-8ucxmyzq3JjpjFcSMnsaP4XZH6j1Z_tj6cYYifHglNvv7bzTCEA==
Age: 2877

                                        
                                            GET /g78f9/in/35a637bcbb435062331fa6fd0a1de4af/3/1 HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.1.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it
Vary: Accept-Encoding


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            POST /g/collect?v=2&tid=G-2EQBRC1CMY&gtm=2oe8v0&_p=1904409463&tt=external&cid=1208166052.1662094109&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&dt=%2Flogin-titolari.html&sid=1662094108&sct=1&seg=0&dl=https%3A%2F%2Fwww.nexi.it%2Flogin-titolari.html%3Fhttps%3A%2F%2Fwww.nexi.it%2Fprivati%2Fservizi%2Farea-personale.html&en=page_view&_fv=1&_nsi=1&_ss=1&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.cookie_policy_acceptance=not%20accepted&ep.container_id=GTM-MVCHKSD&epn.is_nb_customer=0 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.nexi.it
date: Fri, 02 Sep 2022 04:48:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /cm/dd?d_uuid=75817027522192538282243488981541671626 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.215.243.107
HTTP/1.1 302
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YxGLHgAAAEdXAAOV; Domain=.everesttech.net; Expires=Sat, 02-Sep-2023 04:48:30 GMT; Path=/ everest_session_v2=YxGLHgAAAEdXAQOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxGLHgAAAEdXAAOV
Server: AMO-cookiemap/1.1

                                        
                                            POST /api/services/nexi-utilities-service/prelogin/retrieve-cookie-policy HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
pragma: no-cache
cache-control: no-cache
cookie-origin: https://www.nexi.it
Application: sp
Env: PRODUCTION
Client-Version: web
Channel: web
Locale: it
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.1.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.nexi.it
X-Application-Context: zuul-gateway:production:4000
Content-Length: 4693
Date: Fri, 02 Sep 2022 04:48:30 GMT
Set-Cookie: wpamm_cookie=22871529897170712691310000000000000000000000; Max-Age=2147483647; Path=/CHP/api/services/nexi-utilities-service/prelogin; HttpOnly; Domain=www.nexi.it lb_cookie=rd7o00000000000000000000ffff0a0a010co8443; expires=Sat, 03-Sep-2022 04:48:30 GMT; path=/ TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; Path=/; Domain=.www.nexi.it TS0154e360=0101a8acbee944b270088bbe35f9ed6cd35b5642ed8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc42f5c1c280c683b3783eff47b8187f917b55c42db731230c567637619043aa97; path=/CHP/api/services/nexi-utilities-service/prelogin
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4693), with no line terminators
Size:   4693
Md5:    87e16f6b4ba9e9e7290bdd493f5c752c
Sha1:   767e1cfed76427d5fa028b234973da78def3811e
Sha256: f788e376e14be4b187702e7cbdb6d14710e4e84247b430fc0bf83046f21f4e88
                                        
                                            GET /content/nexi/it.navs.json?_=1662094109316 HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.2.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1; _gid=GA1.2.1437864692.1662094110; _gat_UA-3681719-1=1; lb_cookie=rd7o00000000000000000000ffff0a0a010co8443
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Last-Modified: Thu, 01 Sep 2022 10:24:07 GMT
ETag: "e96b-5e79b03749185"
Accept-Ranges: bytes
Content-Length: 59755
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: ncsi=2be0928ce2f9f45f7b5f85803446fcd1; Path=/; Domain=nexi.it; Expires=Fri, 02-Sep-2022 05:18:30 GMT binc=10ea3e2845bb5514a32711078bf61c4f; Path=/; Domain=nexi.it; Expires=Sat, 02-Sep-2023 04:48:30 GMT TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; Path=/; Domain=.www.nexi.it TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; path=/; domain=nexi.it
uniqueid: e13d98ed069bfc56729fe17b4213100c


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (59645), with no line terminators
Size:   59755
Md5:    8fe60b3f1b7b713fd094f25a872e577a
Sha1:   f0e424a0b0c392ed638b1bb674e5e4bd2d6c44b0
Sha256: a096d1bd981ad253bc8044e913724d139e06e9d9e2b4dc059702658d7b1e8758
                                        
                                            GET /box-1ada912494ba7fc7aca15fcef1c2a7ae.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.55.20
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1044
date: Wed, 13 Jul 2022 08:33:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QsUVHjLAU0v40StUXkDJaUvHH3kBA7dWTkUzinr_QlrnRXdoOBk5Fw==
age: 4392924
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Size:   1044
Md5:    0b3d3f4206ab84d8861a8cc4b2ddbe66
Sha1:   4561b7c0419b65db5c1314be2143bd1734e88d89
Sha256: ec42652b198c82469afbe5e6e69312a25425c1fd38d379cf3761b328ecd48e4a
                                        
                                            POST /g78f9/in/e13d98ed069bfc56729fe17b4213100c/2 HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
x-as-transport: 6
Content-Length: 20096
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.2.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1; _gid=GA1.2.1437864692.1662094110; _gat_UA-3681719-1=1; lb_cookie=rd7o00000000000000000000ffff0a0a010co8443; s_cc=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Access-Control-Allow-Origin: https://www.nexi.it
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; Path=/; Domain=.www.nexi.it

                                        
                                            POST /g78f9/in/35a637bcbb435062331fa6fd0a1de4af/1 HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
x-as-transport: 6
Content-Length: 291924
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.1.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Access-Control-Allow-Origin: https://www.nexi.it
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it

                                        
                                            GET /g78f9/in/e13d98ed069bfc56729fe17b4213100c/8/35a637bcbb435062331fa6fd0a1de4af HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.2.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1; _gid=GA1.2.1437864692.1662094110; _gat_UA-3681719-1=1; lb_cookie=rd7o00000000000000000000ffff0a0a010co8443; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 02 Sep 2022 04:48:30 GMT
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; Path=/; Domain=.www.nexi.it
Vary: Accept-Encoding


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10760
Expires: Fri, 02 Sep 2022 07:47:50 GMT
Date: Fri, 02 Sep 2022 04:48:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10760
Expires: Fri, 02 Sep 2022 07:47:50 GMT
Date: Fri, 02 Sep 2022 04:48:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10760
Expires: Fri, 02 Sep 2022 07:47:50 GMT
Date: Fri, 02 Sep 2022 04:48:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10760
Expires: Fri, 02 Sep 2022 07:47:50 GMT
Date: Fri, 02 Sep 2022 04:48:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07bb4db4-56e2-4430-909b-976597aba501.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13253
x-amzn-requestid: 372e3029-5c62-431c-9610-9045be377566
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqCtkFu8IAMFeLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d7e56-4d7bb8b503cc59e901844669;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 03:04:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F1_0ZY-X5-j8tKr4tU6-8FV0nVj7r37W-2iy2Y-ILkNEt08piIME7w==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 08:09:54 GMT
age: 74316
etag: "b9ef3333987cfc271b81bafc90a353d9d135b04b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13253
Md5:    b1c779e7aabb3a1f345a82155f80d595
Sha1:   b9ef3333987cfc271b81bafc90a353d9d135b04b
Sha256: 0a2e1e59853593878a416c9aa6604ce0389903d03144e8a6441901b700270fcf
                                        
                                            GET /modules.07ac9b8d187d510db456.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.46
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 65413
date: Tue, 30 Aug 2022 12:30:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "fff5770f0de5c66c4269264cf792ec05"
last-modified: Tue, 30 Aug 2022 12:29:33 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZqoPrG3RorRnvBmUL3Bvj6xmwKEeVVXz-89ioQTmpUtOZY2h_DoXgw==
age: 231503
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48715)
Size:   65413
Md5:    fff5770f0de5c66c4269264cf792ec05
Sha1:   39fdb897caaa4b3d6baaee51c84f6d4ffda5e055
Sha256: 5a4eb0540987c1ad47a0f9080596d4476cb659f503c0b9ab0e5dddd54221deeb
                                        
                                            GET /ibs:dpid=411&dpuuid=YxGLHgAAAEdXAAOV HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nexi.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.154.199.204
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v038-025173b61.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxGLHgAAAEdXAAOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=14522655922924622613361793973325840822; Max-Age=15552000; Expires=Wed, 01 Mar 2023 04:48:30 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2jvY9GXLTn8=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409dfca9-6638-46e3-bd6c-98a42f043bc4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9040
x-amzn-requestid: 24ba8357-3dbc-4609-8998-a358d3b4c4cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLleHKxIAMFqFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112622-2b67e5bd14e08d5c3ccf352f;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ot2ovRarFg0nSndNjtz8HZJjZ4zlgAoCZvQY1QLbjAaNUSzf7A4tVQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:38:30 GMT
age: 25800
etag: "05e3b1ca0471c4a754beefd5fa5cf88b8d86c141"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9040
Md5:    a6c03a9391cf529bf7354ef49730bf29
Sha1:   05e3b1ca0471c4a754beefd5fa5cf88b8d86c141
Sha256: c0f03851ec2bb7dce175820e2d89112d4149c2bedee10b82ea7a751ca0fdc134
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3283
x-amzn-requestid: 8567846c-e747-40ce-9129-72714bb0ef33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMBqF5CIAMFnzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126d7-2726b25630a7935048414ad9;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nX9drLFEO1J-Kb2E5t2qrr3pkpyxlL5KTqvKLKhycFLeYUV0ns7UcA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:56:58 GMT
age: 24692
etag: "9df71dbf1cfc4501fe364875aec931b1d4cf966b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3283
Md5:    1594505ac80a2d787d918c39c8ddc7d1
Sha1:   9df71dbf1cfc4501fe364875aec931b1d4cf966b
Sha256: eadc0f6f8ffb5337db910ddc8e73040a9d000c8af3f61ff57e901e5a45f9d9c0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e93c5d-fd27-4eb2-b92a-cb36c0a9dd5a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9960
x-amzn-requestid: 50b32ec4-bc0d-4688-a57f-3a2be28296e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EaxoAMFh0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-6e34c4b477bee94b43ac67ed;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m4O94k0M1ODXowQJCRLhRrkQuG2oW9BG88wvoKOwFSynVVvgzf3M9Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:50 GMT
age: 24100
etag: "a914438297847f1de165c8ec8b67d4204cfb8aa0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9960
Md5:    ab0ab1c19ba075fb2824d46c54df9f71
Sha1:   a914438297847f1de165c8ec8b67d4204cfb8aa0
Sha256: 603c5ab17b63559dedb5d0fb7df703406ea3f0c5af64f794ba19523b887f346f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe107ad28-65a4-4da6-acf9-ccb14d8503cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10489
x-amzn-requestid: 9ddf3d6f-b4d1-4d5f-a84d-cfdb3bcbd80c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLx_HKqoAMFzCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112672-7de601b74dcc23070611db09;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:38:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p8UoOZXko5kHqr_GvEy2q1W9hSuLkA-Xp2KG9tO7S4pmyz_Dl4s-DA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:03:15 GMT
age: 24315
etag: "ec84f7d5c5202df3bd716e19ceb9b0283cfff714"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10489
Md5:    e22c8145b541b1fbc277f2f76fd91d2a
Sha1:   ec84f7d5c5202df3bd716e19ceb9b0283cfff714
Sha256: 32dbfeaac6960253057fe4d24ad7d782d4e398a49b188c0af357dd924bf0c9c3
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 12:31:58 GMT
expires: Sun, 27 Aug 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 490592
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size:   15344
Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd
Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8
Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4655
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 04:48:30 GMT
Last-Modified: Fri, 02 Sep 2022 03:30:55 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxGLHgAAAEdXAAOV HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nexi.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.154.199.204
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v038-0b8676b4d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: cHaLY3QAScE=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            GET /b/ss/nexipayments.production/1/JS-2.22.4-LCS4/s77590690962440?AQB=1&ndh=1&pf=1&t=2%2F8%2F2022%204%3A48%3A29%205%200&mid=69807001804964175311654381237983550581&aamlh=6&ce=UTF-8&pageName=%2Flogin-titolari.html&g=https%3A%2F%2Fwww.nexi.it%2Flogin-titolari.html%3Fhttps%3A%2F%2Fwww.nexi.it%2Fprivati%2Fservizi%2Farea-personale.html&cc=EUR&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v4=%2Flogin-titolari.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=6A724E255ED5F2A60A495E0E%40AdobeOrg&AQE=1 HTTP/1.1 
Host: nexipayments.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         15.236.176.210
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
access-control-allow-origin: *
date: Fri, 02 Sep 2022 04:48:30 GMT
expires: Thu, 01 Sep 2022 04:48:30 GMT
last-modified: Sat, 03 Sep 2022 04:48:30 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3569319924061896704-4619832388940084519
vary: *
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 2\012- data
Size:   43
Md5:    ad480fd0732d0f6f1a8b06359e3a42bb
Sha1:   a544538683a2dfe574eeb2e358ac8fcc78289d50
Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3681719-1&cid=1208166052.1662094109&jid=1012224156&gjid=355643866&_gid=1437864692.1662094110&_u=YADAAEAAAAAAAC~&z=661407480 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         64.233.163.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.nexi.it
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Sep 2022 04:48:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2302
Cache-Control: max-age=109252
Date: Fri, 02 Sep 2022 04:48:31 GMT
Etag: "631089e5-1d7"
Expires: Sat, 03 Sep 2022 11:09:23 GMT
Last-Modified: Thu, 01 Sep 2022 10:31:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:31 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Sep 2022 02:16:28 GMT
ETag: "1d0181652bb3d8f25877b89c5a48045ca312bf6f"
Last-Modified: Fri, 02 Sep 2022 02:16:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 82
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74439d249cd0b4eb-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    14c3e41aa544b840c3ad6259d3ab3a1d
Sha1:   1d0181652bb3d8f25877b89c5a48045ca312bf6f
Sha256: 1ebf03b8f9ef06979f7ef81b8bd333d39d7b6915d4734247aacefb276e7dfcdf
                                        
                                            OPTIONS /api/services/login/auth/prelogin/card-holder-name HTTP/1.1 
Host: privati.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: application,cache-control,channel,client-version,content-type,env,locale,macro-context,micro-context,pragma
Referer: https://www.nexi.it/
Origin: https://www.nexi.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         185.198.117.136
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.nexi.it
Access-Control-Allow-Headers: application,cache-control,channel,client-version,content-type,env,locale,macro-context,micro-context,pragma
Content-Length: 30
Date: Fri, 02 Sep 2022 04:48:31 GMT
Set-Cookie: lb_cookie=rd7o00000000000000000000ffff0a0a010co8443; expires=Sat, 03-Sep-2022 04:48:31 GMT; path=/ lb_cookie_privati="fdaa1aa047ac547b97b97d31ec0778cf3fc4240e0e2ab338527fcb567344b37f pero"; Path=/; Domain=.nexi.it; Expires=Fri, 02-Sep-2022 06:48:31 GMT ncsi=a7dc55a4563f7efcf4afb3e40ee938fe; Path=/; Domain=nexi.it; Expires=Fri, 02-Sep-2022 05:18:31 GMT binc=d37191e4f3cd4e4c78427c87fdb63f31; Path=/; Domain=nexi.it; Expires=Sat, 02-Sep-2023 04:48:31 GMT TS014ad647=01d37309fce5734491308ea7f9352cfbe8f2bd35aa05ed671200d253a715ca140c6fd4584edde60f2d88489faffd297879a0852e74; Path=/ TS01db9159=01d37309fce5734491308ea7f9352cfbe8f2bd35aa05ed671200d253a715ca140c6fd4584edde60f2d88489faffd297879a0852e74; path=/; domain=.nexi.it TS01be1f7b=01d37309fce5734491308ea7f9352cfbe8f2bd35aa05ed671200d253a715ca140c6fd4584edde60f2d88489faffd297879a0852e74; path=/; domain=nexi.it
uniqueid: e196dd83c724ee103f2ec5d253b641c4
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Accept-Encoding


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   30
Md5:    960d1cc4e1f7a974a962fb0b012852fc
Sha1:   dcd6c28c02b13f4a53c2f5369447afa209272d43
Sha256: 4d1a6db34f7312fa88cadb1bb9e8c7be442676877b46df4e8833066eb98797d8
                                        
                                            GET /api/services/login/auth/prelogin/card-holder-name HTTP/1.1 
Host: privati.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nexi.it/
Content-Type: application/json
pragma: no-cache
cache-control: no-cache
Application: pt
Env: PRODUCTION
Client-Version: [object Object]
Channel: web
Locale: it
Macro-Context:
Micro-Context:
Origin: https://www.nexi.it
Connection: keep-alive
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CMCSYNCSOP%7C411-19245%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094109.0.0.0; _ga=GA1.2.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1; _gid=GA1.2.1437864692.1662094110; _gat_UA-3681719-1=1; s_cc=true; _hjSessionUser_653229=eyJpZCI6IjFkZGRkZDVhLTY3MzItNWY5Ny04MjVhLWIyZWVkNjAwNjBmMyIsImNyZWF0ZWQiOjE2NjIwOTQxMTAwNjcsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_653229=eyJpZCI6IjkxNjcxZjQzLTQ3MjMtNDI3YS1iMmFkLWY5ZWU5ZmJlMjgzOCIsImNyZWF0ZWQiOjE2NjIwOTQxMTAyMzAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; mbox=session#2f9659b019404a4fa6e87ff2469f98f8#1662095971; at_check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         185.198.117.136
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.nexi.it
X-Application-Context: zuul-gateway:production:4000
Content-Length: 2
Date: Fri, 02 Sep 2022 04:48:31 GMT
Set-Cookie: wpamm_cookie=22871527273600712691311000000000000000000000; Max-Age=2147483647; Path=/CHP/api/services/login/auth/prelogin; HttpOnly; Domain=privati.nexi.it lb_cookie=rd7o00000000000000000000ffff0a0a0128o8443; expires=Sat, 03-Sep-2022 04:48:31 GMT; path=/ lb_cookie_privati="bfbc4033530dcb6fdabc54fe502f228540445989c876aae6ab0effc4b1fd55ab pero"; Path=/; Domain=.nexi.it; Expires=Fri, 02-Sep-2022 06:48:31 GMT ncsi=2be0928ce2f9f45f7b5f85803446fcd1; Path=/; Domain=nexi.it; Expires=Fri, 02-Sep-2022 05:18:31 GMT binc=10ea3e2845bb5514a32711078bf61c4f; Path=/; Domain=nexi.it; Expires=Sat, 02-Sep-2023 04:48:31 GMT TS014ad647=01d37309fca25f2d8c1ac9dbb85396145018d667972f7055150b2340275ab874a8489207be4c1667ea41d8d527990cf05f2e8a5ece; Path=/ TS013e2413=01d37309fca25f2d8c1ac9dbb85396145018d667972f7055150b2340275ab874a8489207be4c1667ea41d8d527990cf05f2e8a5ece; path=/CHP/api/services/login/auth/prelogin; domain=privati.nexi.it TS01db9159=01d37309fca25f2d8c1ac9dbb85396145018d667972f7055150b2340275ab874a8489207be4c1667ea41d8d527990cf05f2e8a5ece; path=/; domain=.nexi.it TS01be1f7b=01d37309fca25f2d8c1ac9dbb85396145018d667972f7055150b2340275ab874a8489207be4c1667ea41d8d527990cf05f2e8a5ece; path=/; domain=nexi.it
uniqueid: 1e6cfa931c72aed5f7c57c1ad1c9054c
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Accept-Encoding


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /content/dam/nexi/portale-titolari/pagine-login/portale-titolari/login_pt_background_02.jpg HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; ncsi=2be0928ce2f9f45f7b5f85803446fcd1; binc=10ea3e2845bb5514a32711078bf61c4f; TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg=1176715910%7CMCIDTS%7C19238%7CMCMID%7C69807001804964175311654381237983550581%7CMCAAMLH-1662698909%7C6%7CMCAAMB-1662698909%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662101309s%7CNONE%7CMCSYNCSOP%7C411-19245%7CvVersion%7C5.4.0; _ga_2EQBRC1CMY=GS1.1.1662094108.1.0.1662094110.0.0.0; _ga=GA1.2.1208166052.1662094109; AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg=1; _gid=GA1.2.1437864692.1662094110; _gat_UA-3681719-1=1; lb_cookie=rd7o00000000000000000000ffff0a0a010co8443; s_cc=true; _hjSessionUser_653229=eyJpZCI6IjFkZGRkZDVhLTY3MzItNWY5Ny04MjVhLWIyZWVkNjAwNjBmMyIsImNyZWF0ZWQiOjE2NjIwOTQxMTAwNjcsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_653229=eyJpZCI6IjkxNjcxZjQzLTQ3MjMtNDI3YS1iMmFkLWY5ZWU5ZmJlMjgzOCIsImNyZWF0ZWQiOjE2NjIwOTQxMTAyMzAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; mbox=session#2f9659b019404a4fa6e87ff2469f98f8#1662095971|PC#2f9659b019404a4fa6e87ff2469f98f8.37_0#1725338911; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 02 Sep 2022 04:48:31 GMT
Last-Modified: Mon, 29 Aug 2022 20:14:57 GMT
ETag: "69983-5e766eaeeda30"
Accept-Ranges: bytes
Content-Length: 432515
Access-Control-Allow-Methods: GET, HEAD
Cache-Control: max-age=300, public
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: TS01a05a0f=0101a8acbe4b649d8ba13d57b58e7a55cdb4f3f6de8ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc297dd0ef3d1ece2f886328d0f18e4c1ed8110a647f094154b4d73e1f2ed5bdc5; Path=/; Domain=.www.nexi.it


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x1024, components 3\012- data
Size:   432515
Md5:    b9a33ab5b99902deb7d1c2a80e087d3b
Sha1:   735b1f9129d66f768861a332dc0f6e0e0c8fc4fd
Sha256: dc50ef7f80147b0a2407f5a560125db8b36c799d5a5a32b17d83fea8f03492e5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3681719-1&cid=1208166052.1662094109&jid=1012224156&_u=YADAAEAAAAAAAC~&z=94144635 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 04:48:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Sep 2022 04:48:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /c/hotjar-653229.js?sv=7 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.66
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 02 Sep 2022 04:48:30 GMT
cache-control: max-age=60
etag: W/6f17dc509ed162489e0e39f07d1bd875
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u8pQCjXw7IUwnebTtzQZ9bt71Plc98AsZO1zO-o9c8EIRlB2OO8yiQ==
age: 49
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /rest/v1/delivery?client=nexipayments&sessionId=2f9659b019404a4fa6e87ff2469f98f8&version=2.8.2 HTTP/1.1 
Host: nexipayments.tt.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1011
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.248.44.21
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
                                        
date: Fri, 02 Sep 2022 04:48:31 GMT
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://www.nexi.it
access-control-allow-credentials: true
x-request-id: 2ee33646ef48f12e885cfbff50c1999a
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /login-titolari.html?https://www.nexi.it/privati/servizi/area-personale.html HTTP/1.1 
Host: www.nexi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.198.118.126
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 02 Sep 2022 04:48:28 GMT
Last-Modified: Mon, 29 Aug 2022 22:00:47 GMT
ETag: "e5e00-5e7686566cdf3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Set-Cookie: lb_cookie2="33e3b2eddb5d3afa9695fab4a436cbead495e67320d6c1a06799d85e58a343c9 settimo"; Path=/; Domain=.nexi.it; Expires=Fri, 02-Sep-2022 06:48:28 GMT ncsi=2be0928ce2f9f45f7b5f85803446fcd1; Path=/; Domain=nexi.it; Expires=Fri, 02-Sep-2022 05:18:28 GMT binc=10ea3e2845bb5514a32711078bf61c4f; Path=/; Domain=nexi.it; Expires=Sat, 02-Sep-2023 04:48:28 GMT TS01a05a0f=0101a8acbe9065ee91db0dec6e0257b732288fcc058ae913957786aa1c6b418c3e9bf551c8706270b5aaff8dddebe654ca26da94bc33104e62b9499e2de04383a142a245ca; Path=/; Domain=.www.nexi.it TS019ca071=0101a8acbeae2741c0fe09ad34f3c2720ba75e26d88ae913957786aa1c6b418c3e9bf551c8eb4c863483055d703a27d70bc8f124245347063457a958b489f55256de2ed8fc4079f122eca8080a91043067a503dece; path=/; domain=nexi.it
uniqueid: 35a637bcbb435062331fa6fd0a1de4af
Transfer-Encoding: chunked


--- Additional Info ---
                                        
                                            GET /cdn-cgi/trace HTTP/1.1 
Host: www.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nexi.it
Connection: keep-alive
Referer: https://www.nexi.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.16.123.96
HTTP/2 200 OK
content-type: text/plain
                                        
date: Fri, 02 Sep 2022 04:48:30 GMT
access-control-allow-origin: *
server: cloudflare
cf-ray: 74439d1e7e5fb4eb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---