r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4244
Expires: Sun, 22 Jan 2023 20:02:50 GMT
Date: Sun, 22 Jan 2023 18:52:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7129
Expires: Sun, 22 Jan 2023 20:50:55 GMT
Date: Sun, 22 Jan 2023 18:52:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 18:42:32 GMT
content-type: application/json
age: 574
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13002
Expires: Sun, 22 Jan 2023 22:28:48 GMT
Date: Sun, 22 Jan 2023 18:52:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZZ4hpaqzQ9NlYHENvCbFCkrQ1aZbQA8sJqkWcYF+DzUIDxql8/s1a973DF0u5XW9CV3zwqja9M8=
x-amz-request-id: H3CD4NYC8D0EB7RZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 18:47:24 GMT
age: 282
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:52:06 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 18:48:58 GMT
age: 189
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4639
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:07 GMT
Last-Modified: Sun, 22 Jan 2023 17:34:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.167.56.184101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.56.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J2ZAKBfTxEyC5Gcl50lsAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: btyqFDQlfQHvoQEXWAzqWKlJNgQ=
news.prolocosangiovannivaldarno.it/
89.46.105.68200 OK 14 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/
IP 89.46.105.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1746), with CRLF, LF line terminators
Hash 5dbf8aebdc7bbb55b001039ed8b26476
6da6ecb348b95156a21cd7b4b4ced3938590aabb
5f8d328f4ddd477db4e068c83eb61df5941072170c990b881bbc26bb393c0c16
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://news.prolocosangiovannivaldarno.it/xmlrpc.php
Link: <http://news.prolocosangiovannivaldarno.it/wp-json/>; rel="https://api.w.org/", <http://news.prolocosangiovannivaldarno.it/>; rel=shortlink
Set-Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7; path=/
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18
89.46.105.68200 OK 4.4 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (25658), with no line terminators
Hash c3cf869fdf57a5517263a279051ce64a
40317f4ad822e2df9aae157f91d9ccb878bca8bd
3376cdda0ced1c55adf3a34b7c2b99418c8769024040e3ff63e602cea3c1968e
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 16:59:05 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
89.46.105.68200 OK 652 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
IP 89.46.105.68:0
Hash 5b378deba27b30b77cedceb2f64741b8
ed2aec42e9db42f84d0b1670283cab677587fe49
2db004af0477ba3d0d7b01d961bbcbb92ff16e7cfd699a525ac76e8f41da7cce
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:05 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&ver=5.0.18
142.250.74.106200 OK 521 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&ver=5.0.18
IP 142.250.74.106:0
Hash b52e405858cd07e929b5387c0ed0d1de
8dc157b5ece5222f0f175eee9379a699dee76cd8
e289bd897465ef8c6c74d81d09ee98cf500d744073df727158f6323caf335547
GET /css?family=Montserrat%3Aregular%2C700&ver=5.0.18 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 22 Jan 2023 18:52:08 GMT
Date: Sun, 22 Jan 2023 18:52:08 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C300%2C600%2C700%2C800%7CLora%3A400italic%2C400%2C700%2C700italic%7COswald%3A400%2C300%7CNews+Cycle%3A400%2C700&ver=5.0.18
142.250.74.106200 OK 1.3 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C300%2C600%2C700%2C800%7CLora%3A400italic%2C400%2C700%2C700italic%7COswald%3A400%2C300%7CNews+Cycle%3A400%2C700&ver=5.0.18
IP 142.250.74.106:0
Hash f1bddea6841de3db8c87bd2a8dfdb870
32cf15ffdc156e310ec486d5249464d0a91fd64b
e7f18ea18616ae48105e6d572795964d5074a5c0d58d937e93fc64c7f6477e97
GET /css?family=Open+Sans%3A400italic%2C400%2C300%2C600%2C700%2C800%7CLora%3A400italic%2C400%2C700%2C700italic%7COswald%3A400%2C300%7CNews+Cycle%3A400%2C700&ver=5.0.18 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 22 Jan 2023 18:52:08 GMT
Date: Sun, 22 Jan 2023 18:52:08 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C600%2C700&ver=5.0.18
142.250.74.106200 OK 575 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C600%2C700&ver=5.0.18
IP 142.250.74.106:0
Hash 334d94c80affe8305a7ecdaa57dd0adb
df3bd5d0807f4a54469d825259fa9a3463a3513e
dbab8809ac95e28b28f55e79aa2094ab468bdf71c40a87670030553d84b746ee
GET /css?family=Montserrat%3A300%2C400%2C600%2C700&ver=5.0.18 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 22 Jan 2023 18:52:08 GMT
Date: Sun, 22 Jan 2023 18:52:08 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.0.18
89.46.105.68200 OK 9.9 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (45507)
Hash 5461f4245e200d2f862e21adef8c941e
f7cdc1057b5dbef218852fd09e499d647ed45f40
604049d32fdaa5460a35b6b4814cc5ee10197890ccdc415a17d107df2cf9e94f
GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:40 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1
89.46.105.68200 OK 313 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1
IP 89.46.105.68:0
File type ASCII text, with very long lines (850)
Hash 1dd1129795df6e900fecbe2d73ac3068
9adafd827ba7c5a59f41d466862547c45508a0a8
9dfdac78c0115c8877fbe917d83f5ade1e64af7c50c3167ecae8e139efe1edd3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 07 Nov 2017 17:18:31 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/social_widget.css?ver=5.0.18
89.46.105.68200 OK 507 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/social_widget.css?ver=5.0.18
IP 89.46.105.68:0
Hash ec64861b00ac1a9240637a76caa3c931
558db07c00818f63025d4ec4a5c7f3aee6909b06
17eff06e2c6b677b623ff8518dc58196e1c72e47a44e7d8087efbbd7af20766f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-media-widget/social_widget.css?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 17 Feb 2017 11:53:07 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.11
89.46.105.68200 OK 1.3 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.11
IP 89.46.105.68:0
File type ASCII text, with very long lines (6776), with no line terminators
Hash b18099fb4816b5742037a8ca9fe5c708
6ff7fb79247e4b6a13d820ed10f20bbbb549afa1
d3dbeb0c8f06c008f4529dc60b4c4350e36f85840e3661ea92a746d1859cfe1d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.11 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 10:24:19 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
a.mailmunch.co/app/v1/site.js
143.204.55.29200 OK 8.4 kB URL HTTP/1.1 a.mailmunch.co/app/v1/site.js
IP 143.204.55.29:0
File type ASCII text, with very long lines (26047), with no line terminators
Hash 6d1c8151ae9d98b8e0415d8816046293
a6dcf215fcc68883a880284115fc5c5a1e45ef49
a060737ed370d894f5d36a229271aa1631215c771793961af9962050a2b41a77
GET /app/v1/site.js HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 8416
Connection: keep-alive
Date: Sun, 22 Jan 2023 03:03:22 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Fri, 20 Jan 2023 23:33:40 GMT
ETag: "6d1c8151ae9d98b8e0415d8816046293"
Cache-Control: max-age=172800
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q236G47YdTcuve_goxYqkDonRzq8olJ8nYGRoYhiwYzFAZqrYsNakQ==
Age: 56927
news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/css/front.css?ver=5.0.18
89.46.105.68200 OK 36 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/css/front.css?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (482)
Hash 6ba7ad14fba0150175c8c5f9c1132441
21cc703996b4dd2b5df30788497d49c9baa92c7a
f8d2c5bece0c164e4962604aee7badc7adfe58e9b78d40f83484f73603a9635b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/download-manager/assets/css/front.css?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:40 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 826d5c766ce0ce8420f434a6a6bf54e8
cfa552769c70d2116d812969848563a581752396
81f8186af0c427a089da76610236d631bab359b23118ad5fb3c5ba78247cfe58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:08 GMT
Etag: "63cc8541-118"
Server: ECS (amb/6B99)
Content-Length: 280
news.prolocosangiovannivaldarno.it/wp-content/plugins/wpml-cms-nav/res/css/navigation.css?ver=1.4.21
89.46.105.68200 OK 195 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/wpml-cms-nav/res/css/navigation.css?ver=1.4.21
IP 89.46.105.68:0
Hash 9814326af00ee2ee4fd2cb335ffe029a
4182bd3e19d3e1049ae0d805bcaa77841e0477ac
f08834e4658395c1da632570d860cc916a14e888a448c1736a1e72e9efbb5a95
GET /wp-content/plugins/wpml-cms-nav/res/css/navigation.css?ver=1.4.21 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 07 Nov 2017 17:13:54 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.0.18
89.46.105.68200 OK 20 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.0.18
IP 89.46.105.68:0
Hash 08b0dfedc8bad1311d2e5bb4f7d507bc
bacfa18cd1c12bff92ac6c5d4dc9100f9dae192d
0c9edd1f761dbf902856192e82662c10efc881a63d3d22c7818befa10e36a041
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:40 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.4.21
89.46.105.68200 OK 936 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.4.21
IP 89.46.105.68:0
Hash f64c8a83d12a7a48abb059216d091719
af8aa1beca491228bea29e11be9bd9e1ba359782
8101795012de9450714c2a97c8f9b1ccd6c3af05574ecc8214e50032831a9ffe
GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.4.21 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 07 Nov 2017 17:13:53 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.4.21
89.46.105.68200 OK 646 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.4.21
IP 89.46.105.68:0
Hash 38d8a87181b4ffe7001e20f331f4dfac
df661f933ed504558913d21007e75317dc11b222
65d2fa2cf3cfc6a12e19f41244c30cb8a5b6bd669e173b5aef0cd20dfb446930
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.4.21 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 07 Nov 2017 17:13:54 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/dyncss.css?ver=5.0.18
89.46.105.68200 OK 17 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/dyncss.css?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with no line terminators
Hash ff40694fc1b0f1173806090b25dee643
130cf1e8dc6d81988e45bb19b7952a739550ae27
f5ca5776a04fe9cc6ee7b1bb6d56ec1f3d41f303185350760af74664c25304f1
GET /wp-content/themes/blogit-wp/css/dyncss.css?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Content-Length: 17
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 10:32:57 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.0.18
89.46.105.68200 OK 1.1 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (5334), with no line terminators
Hash 8ea2086986daf814927f282527c2abda
37c803bd996f97f6fc837e28bc394fbecbc64dc7
34898abb1100b23f47f07b953be6c0fa56d9ec3a6759936324ace5262a970378
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 10:28:49 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
89.46.105.68200 OK 34 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 89.46.105.68:0
File type ASCII text, with very long lines (31997)
Hash 52337c64ba22a8dc64cd0c15ffa5f040
f22ea974e10e43f68833d7d020e370378fafe69c
6818a20d51cd8dfc2c3473f33d9822466b3d4eb898706ed3899fece665237be4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 05 Sep 2019 10:46:47 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.0.18
89.46.105.68200 OK 9.6 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (32025)
Hash ac40765cec4efa10449407d3334496ed
03547b4b7724fbb1204bf2001c8862cf322eb4b3
b22bfaebdba2e251798205492458cb92aca632c8e935a2c083c2c6e2ecf6fb2e
GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:40 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/js/front.js?ver=5.0.18
89.46.105.68200 OK 7.3 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/js/front.js?ver=5.0.18
IP 89.46.105.68:0
File type C++ source, ASCII text, with very long lines (4123)
Hash 664b1ce750ac8ba4bee38d14ff300a29
02b12a0fe47b580233746fdaf302a6c5bb5f643c
ba676a9488e81cf689917bb4b2575d20c68f353dd20d0203769e0f0754d64935
GET /wp-content/plugins/download-manager/assets/js/front.js?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:41 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.0.18
89.46.105.68200 OK 8.9 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.0.18
IP 89.46.105.68:0
Hash d2425798e7e1dfed6af51a1556743f56
4e438aedf311ffd25d67c2c087ac1aba462f699c
f866b699af491f8d2483af89513a422937194708cb65f12757bbb88d60f05d02
GET /wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:41 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.2
89.46.105.68200 OK 2.1 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.2
IP 89.46.105.68:0
File type C source, ASCII text, with very long lines (8750), with no line terminators
Hash ffe1a137ea70712b3d4992571d94784b
81f9c50767edd2afdf7abb3b92f00c53795a3bd7
f4ccf10b3d5e30a2f48072096c57177918dd7af1736beeaf53fb38efee46d2fb
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.2 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 10:28:49 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1
89.46.105.68200 OK 1.5 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1
IP 89.46.105.68:0
File type ASCII text, with very long lines (10490), with no line terminators
Hash f95771bf8f1f10ec7562aea7fa891873
eacc3995abd993b70e12ab18b86ad1f14fa1d3e5
87525150a7794957cd9004ad7aa2a8f3edce67fe1a40d9509710bdacd8ccf21d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 17 Feb 2017 12:06:19 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
89.46.105.68200 OK 6.3 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
IP 89.46.105.68:0
File type ASCII text, with very long lines (16256)
Hash ec67d1a2507328775e535e96f5f93421
7526985c430cd486876ee7740e912e598809856e
1c3f309ba628d370634b1029787145c6fce4bb059b17ef65a529afc342a0d11f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 16 Nov 2017 12:51:10 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
89.46.105.68200 OK 4.0 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP 89.46.105.68:0
Hash 333bcc2782409edaaaaf53c333153017
f29395c68f89e8555c3689411358ccb190687ddc
b6dd54a86eb017ea2e0150b088c302ab39ae1b35c98c95ae3c883cf23cb9459f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jan 2019 17:00:05 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/jquery.masonry.min.js
89.46.105.68200 OK 2.2 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/jquery.masonry.min.js
IP 89.46.105.68:0
File type ASCII text, with very long lines (5292)
Hash 892c2197b4c5722f8bb9da9de86ed9dd
29bc9e3f3913ab2d48bf45a94b261c0198e3d4db
cf654b32fd5513a74dbfc6cc531e905be544342e7d57a349f1fec81650fb7dee
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogit-wp/js/jquery.masonry.min.js HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 15 Nov 2016 10:33:36 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/jquery.ticker.js
89.46.105.68200 OK 4.5 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/jquery.ticker.js
IP 89.46.105.68:0
File type exported SGML document, ASCII text, with very long lines (464)
Hash e898f20e64567706d534b67220bdc02a
8ac150ba900c73e1adad4f2557e92d74ad044e26
1d715d1c60d050937cc4ad52ae28c13a50b56cfc7c6d31a2d3a4e52b00cf2ac7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogit-wp/js/jquery.ticker.js HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 15 Nov 2016 10:33:37 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/jquery.plugins.js
89.46.105.68200 OK 36 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/jquery.plugins.js
IP 89.46.105.68:0
File type ASCII text, with very long lines (21223)
Hash 29380988045693c93f86973baf338539
cf6088074240c5b0fb4e052a2a70a3ef2e8459aa
97ceede042875842a6e46332f9ebdaa0811c757f3dbb8811cd5c14ac773e7c9f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogit-wp/js/jquery.plugins.js HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 15 Nov 2016 10:33:38 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/live-search.js
89.46.105.68200 OK 3.1 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/js/live-search.js
IP 89.46.105.68:0
Hash 4c246d2a32fccfa5b791ab034c4e1ef2
1423bfa0898efecf662043a1176e01fe1e5116af
49b0ee657ff7d213df0a1008d6ac792e66dc8d3f27d3714c76d69f3774f2afe3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogit-wp/js/live-search.js HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 15 Nov 2016 10:33:38 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news.prolocosangiovannivaldarno.it/wp-includes/js/wp-embed.min.js?ver=5.0.18
89.46.105.68200 OK 739 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-includes/js/wp-embed.min.js?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
GET /wp-includes/js/wp-embed.min.js?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Apr 2021 00:51:04 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
89.46.105.68200 OK 5.6 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
IP 89.46.105.68:0
File type ASCII text, with very long lines (19302), with no line terminators
Hash e6026f638e8842e99f9ad0179eaeb952
7ea4d3f9ece5caafd1114f0ebd1962be8ab02361
2ea8be53931659052732fefe1d83b33d9557c6a47b58c64db65f40f91054d628
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 17 Feb 2017 12:04:31 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 826d5c766ce0ce8420f434a6a6bf54e8
cfa552769c70d2116d812969848563a581752396
81f8186af0c427a089da76610236d631bab359b23118ad5fb3c5ba78247cfe58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:08 GMT
Etag: "63cc8541-118"
Last-Modified: Sun, 22 Jan 2023 18:52:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1
89.46.105.68200 OK 333 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1
IP 89.46.105.68:0
File type ASCII text, with very long lines (656), with no line terminators
Hash b6e601276758da760c48a68a1c1c7098
d4b73cdd4c315b383748f0715d56d10aea537292
833db43661633b5c8d55a6d12bf8c0b19c340661375630cac4e9f5d778b0d5bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 17 Feb 2017 12:06:21 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1
89.46.105.68200 OK 2.8 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1
IP 89.46.105.68:0
File type ASCII text, with very long lines (9722), with no line terminators
Hash 59cc1af583613d1bf0bcc197235acf8a
407c9483ad52792b6f0b33d929e1d39dde5f3541
55d7a49ef36319beed0fb0f28b734efe7439ed56dbcf8fefa661d004080d2e52
GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 17 Feb 2017 12:06:21 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.11
89.46.105.68200 OK 2.6 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.11
IP 89.46.105.68:0
File type ASCII text, with very long lines (6210), with no line terminators
Hash 2312cabe63330b59a012e535fc127472
579dd884a109172feeb8b1ffccf12c9f4c6785dd
6db313d72cb7f37b787f20ea03e46246189a520ec26d5e8f818abf127ebbc66c
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.11 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 10:24:19 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18
89.46.105.68200 OK 4.4 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (9063)
Hash d003dd2e571097385bde0a605679ae06
de43f1329eaffe6791b8dcf20779550722a6115c
55ac05ff21ebcd3328a22771444f5be265f19998bbf3292072bc17b93adb4bbb
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Apr 2021 00:51:04 GMT
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/master-min.php?ver=5.0.18
89.46.105.68200 OK 141 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/master-min.php?ver=5.0.18
IP 89.46.105.68:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 141 kB (141166 bytes)
Hash 24e7a24a65deda6e98f45d867c4a1265
7bb490c85d9215f497f506552061af19f9d9336b
48a21d7efd98313befcd63f7f961cf7982ac664dcd67121b520a4ab5e2b71d1a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogit-wp/css/master-min.php?ver=5.0.18 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-ServerName: ipvsproxy49.ad.aruba.it
Content-Encoding: gzip
news.prolocosangiovannivaldarno.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png
89.46.105.68200 OK 267 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png
IP 89.46.105.68:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9c6287bdf64843201af93ff1afbfac6c
a31d1f6a6dc624c02a6e7767bd9d5ad894c7cddb
85d05871f6315412de38a72c7164fd4917efba135ba06ed9972c502c1fd811ff
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 267
Connection: keep-alive
Last-Modified: Tue, 07 Nov 2017 17:17:30 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/images/default/32/instagram.png
89.46.105.68200 OK 1.8 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/images/default/32/instagram.png
IP 89.46.105.68:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash a5c6fbcd9cb98158d0b0a724322e0af4
3f6cbd2b1c297c695918f60005f820c2d9f09dc2
c0a55b6bcc810d94bf80ca5be172b6df680e5a83d656da3281fa2f4fda95f1c6
GET /wp-content/plugins/social-media-widget/images/default/32/instagram.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 1833
Connection: keep-alive
Last-Modified: Fri, 17 Feb 2017 11:53:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/images/default/32/twitter.png
89.46.105.68200 OK 877 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/images/default/32/twitter.png
IP 89.46.105.68:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash e41e7fc39e2b5888b3fc8e79788e27f6
c36704f196aef77534fabd1752443ab49cd82feb
0e2160fefe0b02729a87a03ef7f21fe2003b7054a7bbb5c11011c11a51a4156f
GET /wp-content/plugins/social-media-widget/images/default/32/twitter.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 877
Connection: keep-alive
Last-Modified: Fri, 17 Feb 2017 11:53:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/images/default/32/facebook.png
89.46.105.68200 OK 634 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/social-media-widget/images/default/32/facebook.png
IP 89.46.105.68:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 82378b10a9b16af6fc2e089037660e4b
3b41821a2c28b414a727e477484d6f8ab219705c
81480cebe2ddeedde1af2e2a6f9eab352094abd78c75464705be2bcbb6e91b54
GET /wp-content/plugins/social-media-widget/images/default/32/facebook.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 634
Connection: keep-alive
Last-Modified: Fri, 17 Feb 2017 11:53:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
89.46.105.68200 OK 600 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 89.46.105.68:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 600
Connection: keep-alive
Last-Modified: Tue, 07 Nov 2017 17:17:23 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2016/11/logo.png
89.46.105.68200 OK 15 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2016/11/logo.png
IP 89.46.105.68:0
File type PNG image data, 505 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash 7676cc3be8e4e9ccf8537cf3477d6ad9
e4b17fa780457322f5ed36306df2f6df56f357ba
3fa70447436504ec2b4847b2b39cef939841ca022d598e6a2e02b82921581aa9
GET /wp-content/uploads/2016/11/logo.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 14687
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 14:22:37 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/sgv-900x500.jpeg
89.46.105.68200 OK 98 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/sgv-900x500.jpeg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 900x500, components 3\012- data
Hash 5292404c8b59b9f9c101eb10311a2898
4694348c52ded6090000f64276a4592e07e9a172
b95e868e0857fc7e1a503832c9e700c50886aa0a273750484897f1d0a7eb018a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/sgv-900x500.jpeg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 97837
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 11:04:27 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/WhatsApp-Image-2023-01-09-at-11.41.08-900x500.jpeg
89.46.105.68200 OK 80 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/WhatsApp-Image-2023-01-09-at-11.41.08-900x500.jpeg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x500, components 3\012- data
Hash e116d6644097d5cd20de27c0546d34a3
64a507d9508388c3fcb8e0e3c388a1a6d2a6dcee
d32b9b550797570bea8a6d158c7ffef509937424b3357c34669c83b001e3ba54
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/WhatsApp-Image-2023-01-09-at-11.41.08-900x500.jpeg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 80142
Connection: keep-alive
Last-Modified: Mon, 09 Jan 2023 12:01:49 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2022/10/IMG_20201014_183228--720x406.jpeg
89.46.105.68200 OK 87 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2022/10/IMG_20201014_183228--720x406.jpeg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 720x406, components 3\012- data
Hash 6df81c21ba21719925eb55cfd0a8e692
338660386c75949b50b6bb19206ae2efb7a877b9
26ee3f66c45490e5ad29f1c05922545e93da619e78356c1acbf6d2bcf96348b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/IMG_20201014_183228--720x406.jpeg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 86795
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 07:29:00 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/WhatsApp-Image-2023-01-09-at-11.41.08-720x406.jpeg
89.46.105.68200 OK 59 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/WhatsApp-Image-2023-01-09-at-11.41.08-720x406.jpeg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x406, components 3\012- data
Hash 303c8e737b7fa899ceed16f4f872d7ca
8b62317d06f37d7742f13738f80d28cd1f73eecc
49aa19d5debc04b8285e1bf504654658b2bdce32613e946a09873a4af18f65a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/WhatsApp-Image-2023-01-09-at-11.41.08-720x406.jpeg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 58944
Connection: keep-alive
Last-Modified: Mon, 09 Jan 2023 11:51:29 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone2.png
89.46.105.68200 OK 96 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone2.png
IP 89.46.105.68:0
File type PNG image data, 400 x 284, 8-bit/color RGBA, non-interlaced\012- data
Hash 43a4adbc915921d8ff3c90969306c958
7a24c8c9885c274a951960f5dd8eb6b72f630643
3e3287d4220a02d4cb66148bab454c3f4c97df3f5a23868d24f458f98e4697af
GET /wp-content/uploads/2015/01/bottone2.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 96544
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 13:43:37 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/sgv-720x406.jpeg
89.46.105.68200 OK 77 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/sgv-720x406.jpeg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 720x406, components 3\012- data
Hash ffbaaad849dce7cbaaf95f668ec219ed
be93f3e6a82209123bcbdbd012adab60aa462ea4
5f0edb4fb3938201eff01948078d48137d1d2da77948902c67b8dab957e269a4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/sgv-720x406.jpeg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 76649
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 10:59:34 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone1.png
89.46.105.68200 OK 80 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone1.png
IP 89.46.105.68:0
File type PNG image data, 400 x 284, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d30a7989a47744773dd1983b9125915
dd74c7f06005f6b081cc21d6bf29066abeb7fde4
f5860ed90c7a57991813d116a56763a6187904b39dc7623893d1abad173054d4
GET /wp-content/uploads/2015/01/bottone1.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 80122
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 13:43:30 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2022/10/IMG_20201014_183228--900x500.jpeg
89.46.105.68200 OK 112 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2022/10/IMG_20201014_183228--900x500.jpeg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 900x500, components 3\012- data
Size 112 kB (111542 bytes)
Hash b8420271d98041c076391f552cd5c538
0e0297bb4855179da7b56aaf740c8187f4c56a92
b0943549c27ca917c43ab8c188f83dcabf4278737bf40877e6f7fc5149ed117d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/IMG_20201014_183228--900x500.jpeg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 111542
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 08:59:20 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/images/bdbg1.png
89.46.105.68200 OK 18 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/images/bdbg1.png
IP 89.46.105.68:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 1fa5e4576470cb3f622c41365aa87351
611f2cdb6e99259fc748069802c2ad1b9d07362b
71227d09b4572555770e369aeba9ff162fdaa4345d05755164a18552cd52479f
GET /wp-content/themes/blogit-wp/images/bdbg1.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/master-min.php?ver=5.0.18
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 17460
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 10:33:16 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 17 Jan 2023 09:41:29 GMT
Expires: Wed, 17 Jan 2024 09:41:29 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2
Age: 465039
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone3.png
89.46.105.68200 OK 113 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone3.png
IP 89.46.105.68:0
File type PNG image data, 400 x 284, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112705 bytes)
Hash 6ced7165c622148012d380c7ca198826
3727a95bf4e0c6725930e67bc1ac1d9d042edc37
fa6ad82512e3e2d64f678a8f178ada4f6217a1abbc9cebd5402c48015c48aac0
GET /wp-content/uploads/2015/01/bottone3.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 112705
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 13:43:43 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/fonts/fontawesome-webfont.woff?v=4.2.0
89.46.105.68200 OK 66 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/fonts/fontawesome-webfont.woff?v=4.2.0
IP 89.46.105.68:0
File type Web Open Font Format, TrueType, length 65452, version 1.0\012- data
Hash d95d6f5d5ab7cfefd09651800b69bd54
7d65e0227d0d7cdc1718119cd2a7dce0638f151c
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogit-wp/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/master-min.php?ver=5.0.18
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: font/woff
Content-Length: 65452
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 10:33:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
fonts.googleapis.com/css?family=Cantarell:400,700
142.250.74.106200 OK 846 B URL HTTP/2 fonts.googleapis.com/css?family=Cantarell:400,700
IP 142.250.74.106:0
Hash dc00557d687b3ea7062b30a03a18d33d
66061e5e4f930128c2f2cc201e413eab8da4b2ac
17382f4d0f6fc11d553f67b84769aafdadd8aaf7aee500f9d5e0a428a2572364
GET /css?family=Cantarell:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 18:52:08 GMT
date: Sun, 22 Jan 2023 18:52:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/CALATA-Valdarno-2-720x406.jpg
89.46.105.68200 OK 57 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2023/01/CALATA-Valdarno-2-720x406.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x406, components 3\012- data
Hash d7c7499a902dbc898174fedf7fad8505
b62332c2468896c5146ccee886e2afb012315478
f87f947171b969df011fd859779c9cdcae81611b453cbfc99dbd5ed19014cee1
GET /wp-content/uploads/2023/01/CALATA-Valdarno-2-720x406.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 56559
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 08:27:32 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/images/find-ico1.png
89.46.105.68200 OK 402 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/images/find-ico1.png
IP 89.46.105.68:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 01642b6d0b70c5a416f7e3c3544f51f7
da0988bd22e75e6d4ad438aefc9b90676a35e69d
a1a64933c86509dde2bd0f2baae267e8f5da9ab58cf99e87402bd7f1b0584a71
GET /wp-content/themes/blogit-wp/images/find-ico1.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/master-min.php?ver=5.0.18
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 402
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 10:33:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
fonts.gstatic.com/s/lora/v26/0QIhMX1D_JOuMw_LIftL.woff2
216.58.207.227200 OK 39 kB URL HTTP/1.1 fonts.gstatic.com/s/lora/v26/0QIhMX1D_JOuMw_LIftL.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 39056, version 1.0\012- data
Hash ab20a3cbee44939ad33cb2d162484f23
f4df3e71cc8aebd85b6207d4ac35c76c602c2779
0a1dc89a4a29593bd35cc4811bfedd9765eeca4a9ef57323eec2cff14c9f9c5b
GET /s/lora/v26/0QIhMX1D_JOuMw_LIftL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 39056
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 20 Jan 2023 01:01:26 GMT
Expires: Sat, 20 Jan 2024 01:01:26 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Aug 2022 18:05:31 GMT
Content-Type: font/woff2
Age: 237042
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bg.jpg
89.46.105.68200 OK 734 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bg.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 463x15, components 3\012- data
Hash 161a341cce2c78483db557e57cede7cd
46b31ebcc74c4b528bae1b61e98f9f26e9017836
bf5b1114a1d1c199b36a82cf8e0b19788fb185ed3ee2a5e7eb084cd07202ce6d
GET /wp-content/uploads/2015/01/bg.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 734
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 13:53:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2021/12/Frame-02781-720x406.png
89.46.105.68200 OK 425 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2021/12/Frame-02781-720x406.png
IP 89.46.105.68:0
File type PNG image data, 720 x 406, 8-bit/color RGBA, non-interlaced\012- data
Size 425 kB (425077 bytes)
Hash fbc511e7af27c2f520e82005ad5b7aa1
73195fa2e4a5ce988458e85baf6ab91eef2ad0e1
46078beed0deb065c52bd9135622227f81a076acad945aeb18aaba30a0453b41
GET /wp-content/uploads/2021/12/Frame-02781-720x406.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 425077
Connection: keep-alive
Last-Modified: Sat, 18 Dec 2021 10:04:29 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 22 Jan 2023 18:35:42 GMT
Expires: Mon, 22 Jan 2024 18:35:42 GMT
Cache-Control: public, max-age=31536000
Age: 986
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
216.58.207.227200 OK 36 kB URL HTTP/1.1 fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Hash 0d0d3e5824e5e67a9e993960df2b67a9
328d67bb1d5899a7809df9f4385181863fd035f1
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 16 Jan 2023 18:27:25 GMT
Expires: Tue, 16 Jan 2024 18:27:25 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Aug 2022 18:07:59 GMT
Content-Type: font/woff2
Age: 519883
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/sgv.jpg
89.46.105.68200 OK 10 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/sgv.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 397x162, components 3\012- data
Hash f1d1ca6d1e0e4688b2a2f96c8d2ad68b
6466f9e0a2fdf87d044fe3119110550d91eff317
a35a89878d9d287b852077749cdd9b3cad6dcf9f485fcaf96a2f4e86dfd8d952
GET /wp-content/uploads/2015/01/sgv.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 10035
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 16:18:33 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/images/dividerline1.png
89.46.105.68200 OK 1.0 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/images/dividerline1.png
IP 89.46.105.68:0
File type PNG image data, 1920 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash fd8bb9b1acd0fa5a380917008dbd4dd5
2d1bf10f76055441447eec5bd0dd94a12e12abff
746b8c51d82c0f2f2def2dc5ebbbc7c7a0759a5e814528f2243aca9c679e1289
GET /wp-content/themes/blogit-wp/images/dividerline1.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/wp-content/themes/blogit-wp/css/master-min.php?ver=5.0.18
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 1045
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 10:33:19 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone4.png
89.46.105.68200 OK 166 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/bottone4.png
IP 89.46.105.68:0
File type PNG image data, 400 x 284, 8-bit/color RGBA, non-interlaced\012- data
Size 166 kB (166537 bytes)
Hash 40e1c65afbd8d5c5609b32d047a40e23
2f931d70b173130d3ec75b7251fc3ad5c9ebfdcd
efe8d80ca06137037bda0b27afe5f81fc10a1279fd9c714aae1b6d80d40ead5d
GET /wp-content/uploads/2015/01/bottone4.png HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/png
Content-Length: 166537
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 13:43:49 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/apt.jpg
89.46.105.68200 OK 7.5 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/apt.jpg
IP 89.46.105.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2005:07:28 17:46:13], baseline, precision 8, 160x104, components 3\012- data
Hash 629ce1ef2796913d88bbc5a7d81bed2e
fe6e1001dd581c131aabef7839ff4ef60209fabf
43ae2da785477dcb46ba91ee9679c82fdde7afac079e42e6dd5c79484c43bc93
GET /wp-content/uploads/2015/01/apt.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 7478
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 15:07:07 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/regione.jpg
89.46.105.68200 OK 7.0 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/regione.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 397x162, components 3\012- data
Hash 542a264605fa492e82e83064d75864fc
9da154abd2b4970162b7b4c9ec622af78717e444
52a915da42ca5577865817e76b6c160b0cc61be63d78fa92193ddebb36ddf85a
GET /wp-content/uploads/2015/01/regione.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 6950
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 16:15:26 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/vie.jpg
89.46.105.68200 OK 9.6 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/vie.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 397x162, components 3\012- data
Hash 809d9f83eb7e3a8494dcd2ff07271cfd
2559719981ddcb0dbfc807a6f85d63c2aa5c69b0
f4d40ddfd0b9d3111a137e2b5e01404867a5dc727b682525847f5ae28adcc89a
GET /wp-content/uploads/2015/01/vie.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 9604
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 16:31:09 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/apt-1.jpg
89.46.105.68200 OK 6.8 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/apt-1.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 397x162, components 3\012- data
Hash c60b27a8511c1053361e1d79b078cd35
c47167cbbdd1509cb566036d1808013fed7b6af9
f0e4de7851e39f1d6c595a54882f790a56afa5f7b6a7ec0db41c3e3531316078
GET /wp-content/uploads/2015/01/apt-1.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 6776
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 16:27:49 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/logo-Provincia-Arezzo-1.jpg
89.46.105.68200 OK 12 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2015/01/logo-Provincia-Arezzo-1.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 397x162, components 3\012- data
Hash 9ecc6eb538dd556fbef8630d072c9513
884172a27bcbc4a21b60e606a024bb7390281bbb
3e576f474f463df69fffae5153d054247060138867e5ee21d6380afa1d3b8447
GET /wp-content/uploads/2015/01/logo-Provincia-Arezzo-1.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 12002
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 15:50:34 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2017/01/favicon.jpg
89.46.105.68200 OK 550 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2017/01/favicon.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 9f225f684215c6b4f4430febdb7ba1ab
7648d054a7683e035eecf016c2bde1b41608377a
daf39a5617a79e1359234d9dd68f307fde0e84cb88aded5fc116c18f94c94d3d
GET /wp-content/uploads/2017/01/favicon.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 550
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2017 10:55:23 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
news.prolocosangiovannivaldarno.it/wp-content/uploads/2017/01/ipad.jpg
89.46.105.68200 OK 3.1 kB URL HTTP/1.1 news.prolocosangiovannivaldarno.it/wp-content/uploads/2017/01/ipad.jpg
IP 89.46.105.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 694420a0ddb6d41243cddad70a4a5a7b
56b8ac02f00de3e6b83c80e0ecf3264ebf460fba
dfe80366a6277167c607235de63a56d8de05bc6d2927087d9c17b0ab38d1cfb5
GET /wp-content/uploads/2017/01/ipad.jpg HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:08 GMT
Content-Type: image/jpeg
Content-Length: 3051
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2017 10:53:29 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy49.ad.aruba.it
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c114f3be1c64caf537bbc5732161627c
e11d3fa9ed68273974a0d0ac438688a68521e373
8be011e5b2e38066e906b6d0860fad14ad2fa751a055d87421d64fcd7c8bd2b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6253
Cache-Control: max-age=154048
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:08 GMT
Etag: "63cd242b-1d7"
Expires: Tue, 24 Jan 2023 13:39:36 GMT
Last-Modified: Sun, 22 Jan 2023 11:55:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 22 Jan 2023 18:41:07 GMT
expires: Sun, 22 Jan 2023 20:41:07 GMT
cache-control: public, max-age=7200
age: 661
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.mailmunch.co/app/v1/styles.css
143.204.55.29200 OK 2.3 kB URL HTTP/1.1 a.mailmunch.co/app/v1/styles.css
IP 143.204.55.29:0
File type ASCII text, with very long lines (21666), with no line terminators
Hash 2ee8dc28a21e802efe800cce4bf98bca
e3b4083dc5c3ef14ef578bc567ca63cadcc5eb77
2de8f2d773396983d4426fb59c20b4c81f229e211d3cfdd1246b5d1a91e71124
GET /app/v1/styles.css HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2274
Connection: keep-alive
Date: Sat, 21 Jan 2023 19:03:14 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Fri, 20 Jan 2023 23:33:45 GMT
ETag: "2ee8dc28a21e802efe800cce4bf98bca"
Cache-Control: max-age=172800
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1D52vp6oOcMigWm4WenUAyxsWVVwqZVnv5NACKHe2E-pUyGF5gu_Zg==
Age: 85736
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/fmaxgpEbJcL.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/fmaxgpEbJcL.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash c7e672babf32e3bf723f6c8c5876720f
b42e705b5615da737b3eaa8c7b0fc2194c805175
3d90a671cc3f05e943faa106f79cfa2d034d6a11e7cb1e86486a7587abd1fbd3
GET /rsrc.php/v3/yC/l/0,cross/fmaxgpEbJcL.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 21 Jan 2024 17:31:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: x+Zyur8y479yP2yMWHZyDw==
x-fb-debug: FwGsLNObYM/ewIuHsjGjr6XCNnCgmjvAe9DA5u1re9RTMwD3WJSbttguX49/+r1SZWHjaIDslbJMiuhlGnj0+w==
content-length: 5098
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yI/l/en_US/cDcOw13Y5VI.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yI/l/en_US/cDcOw13Y5VI.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2905)
Hash 617835339086c700332bf0f645f6b4ce
db3872418f68874647f963f044661a292653d6b4
0149022198676c9cdd99ce6a2966be38c8e2125e44925f7bcd8181dc7a6d6cdd
GET /rsrc.php/v3iLl54/yI/l/en_US/cDcOw13Y5VI.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 11 Jan 2024 16:29:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YXg1M5CGxwAzK/D2Rfa0zg==
x-fb-debug: AaZ18QDFbAUhTinTQsTK0gy6am4bazxMlUJ50OgUPWBzyBtCxmlsybABnrJJ1hTri9VqLSJY9HArSgMTsFQx8w==
priority: u=3,i
content-length: 5459
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 293 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 15:06:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: B/Q6nzz2xy6vvuaerFLdaRo1ZwjavaPpXe2M/DXy1zll0kC5ya/y/zyAZjkxxl/64gM2neE6AmG50Ur0fsgwIg==
priority: u=3,i
content-length: 293
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yN/r/elvGmxOyMJZ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yN/r/elvGmxOyMJZ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (3744)
Hash 1d528b587346b24d7e36f3881c2d6a77
9e92e6b415c50f4882ba7e0dd65ff6ee31091bb6
89c5f78d73cde32bff1a97a0e9ff383400e282d0d3473d267132a5000abd28c3
GET /rsrc.php/v3/yN/r/elvGmxOyMJZ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 11 Jan 2024 16:28:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: HVKLWHNGsk1+NvOIHC1qdw==
x-fb-debug: JkYANgf6gtTPOpXLfWvHrVuqHrAo9h1+7F4Ryj0+ZUuacEoAMLL23v8khOPcKk5wU0jfoR9hJe3DTUEjj3x++Q==
priority: u=3,i
content-length: 1728
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4057)
Hash 4542c58795523351cacfecdb315eba00
e44e00242137798121e12b6cb4353fac2e127af3
ecb041648adda0cdbf6d2b01eed61e1cc22a1f3d33026ee58c3b89b4ca2e40e1
GET /rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 01:28:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: RULFh5VSM1HKz+zbMV66AA==
x-fb-debug: i0ncaHtDBjmM9uo/ZFAq/gKHMlBmSClQknKF9ETAx7wiou3lK4R6AoCLD1bGxlirpvRWQGz68Gu8mabk9kQXlQ==
priority: u=3,i
content-length: 7168
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEui4/yX/l/en_US/GrOIp5ovRFx.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 19 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEui4/yX/l/en_US/GrOIp5ovRFx.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10595)
Hash 6959cded8f798242c875ad212e6c8672
4b357123a3864b8fee254ab0ba410719310ce20e
67d20d2084ea7c2a1d8c2799107f0d4eeaa6d892cfad7911fa7253d3f0d2cbaa
GET /rsrc.php/v3iEui4/yX/l/en_US/GrOIp5ovRFx.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 21 Jan 2024 19:09:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: aVnN7Y95gkLIda0hLmyGcg==
x-fb-debug: bGLX50vHJeyIXPii88CyGuMXzi/K+qtmgpEHT5eG/dwFJbLcxn5pC7gnt3skEn1vAyNMIAQXu5AyjSGUFpMVHg==
priority: u=3,i
content-length: 19419
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12551
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:52:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12551
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:52:09 GMT
Connection: keep-alive
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42114)
Hash f8ca3ab8395af8fbd25391b445bb6670
12da1e04b1e26a8c7710ac93a66ab4fbbbc5026d
2f11cd57e135482fab0eb7606f056110bfd99d3a5afb47732cc4bab681fb54ed
GET /rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 11 Jan 2024 17:49:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +Mo6uDla+PvSU5G0RbtmcA==
x-fb-debug: bGQXl8iNte29+a+CoHLP6rYMCp4jXpAhxaCF9+gacXNruqdtAxtEEC1JIsQwFtr8H24rd/6DiEMqIgu17T+e1w==
content-length: 23510
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/s0faeuC9AwY.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 56 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/s0faeuC9AwY.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (48918)
Hash 6746d6e5c25010a2b475171f5e15e5c8
0f72cd46e54d5a213685575abb62e425f6940801
63db6f9aee139ecfdd9b8b4ce31f5c9a3df8e176bafcf686dd321c6a858a7e44
GET /rsrc.php/v3/yJ/r/s0faeuC9AwY.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 18 Jan 2024 21:34:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Z0bW5cJQEKK0dRcfXhXlyA==
x-fb-debug: qFmBbVF5sin8OxXQrsp3+LVBhavcO1vk2VcMIz9HgReFH6xgd33mYLRiJXw79jdtD8Tv8AN+Eas3ettPlRjYbw==
priority: u=3,i
content-length: 56377
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y1/r/rME_Upq6Uau.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/r/rME_Upq6Uau.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 05e6db0296ef65b13b4294202d5e15fc
ea8242349655d0204c21e2c294ac64f9a1810615
c125f6696711bdc3ef0210f38d7a959a3702b2f570bf7e354a7a7f062162e26e
GET /rsrc.php/v3/y1/r/rME_Upq6Uau.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 21 Jan 2024 17:28:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: BebbApbvZbE7QpQgLV4V/A==
x-fb-debug: aOIX3W808UxMocRHc9rPSfzdeVCE7hbwj67v3j1DczDo1aSQLNA5Q8xO3Uwe3SRHi8X6b/kbpcUFQakz9KReKA==
content-length: 1707
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:24:49 GMT
age: 55640
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 02:24:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: pEykkd6AbeTapXx3dASeaboWWH5vF0eQ0XvPVGVfjL/a/hVxBnZ+h9PxXxydc1M8rRAaJrkuaHkhciGbnA9WYA==
priority: u=3,i
content-length: 12334
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3SoP46ER0JjOaLh363bQ9QW4ZIW19_rbgeQ7Ey8W-zgyGMMLSLccA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:17 GMT
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
age: 75832
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/MO_x3KteSt1.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 85 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/MO_x3KteSt1.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18622)
Hash 12853a823a87678a311be2b1f8cb28ce
23863929c199821ef89f8f4a6549361b1d0ff937
ad0a3a290830bb9cb3bad40aefa4ca11afb1cce230841ace3cfdcb7a61a63b6f
GET /rsrc.php/v3/yV/r/MO_x3KteSt1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 20 Jan 2024 15:02:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: EoU6gjqHZ4oxG+Kx+Msozg==
x-fb-debug: IFQRvyaWX+5q4TAF7CkCeTVH6Q60KXX5hRNmPCTw9N/7Tq29HoSJW+Fxs1pRzOGtSJo3YNbiW2ncSFx2CmesvQ==
priority: u=2
content-length: 85105
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VtzsQ7NI9ODiQfxm_EaSDsizPQhDOSH3O23UEaHg1KI9bg8imLdOnw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:16 GMT
age: 75833
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12551
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:52:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e5cb3e8d03fffcd307c5ebaef08167
1a813821d15afd416b82c3343a7920a0ffc909cb
84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DaWs0RT0IupgLoLeQZYbdYdvYFd02bXrdQBFYpqLxwmKf1bKhh_wgQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
content-type: image/jpeg
age: 75843
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54bb2c2439cbf0cefc3075f25576f161
e4e506d7acc877b266c18ae6da3b948e0d41bb1e
8cfef01c8eea67086fdea9865d760f9ed1ecc15dc42f3b2c94fc85d609a31aa2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9334
x-amzn-requestid: 23f9071b-5274-4c6a-9a4a-d63ea74c7483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQETCoAMFdjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-393e62854ba77f783f142985;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BWc9_KsIp1FH10PJZFoIteQrb0Q8cfqRN8RiynsqbHyFUHhDCxwqIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 75843
etag: "e4e506d7acc877b266c18ae6da3b948e0d41bb1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
172.67.149.103200 OK 4.5 kB URL HTTP/1.1 weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
IP 172.67.149.103:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1659)
Hash c0bd20ce62b37e38b727a8eed9c489a3
ad96716eee69846320119155c81d1ff483a85043
a88eb7850604adacc5ca38a7781ef0c43f3d56bc4f11ac1c4e76402b6d7adcf3
GET /widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdb7fbVS9dG9hxRPrZv7F2BCTIAJHXrHAhTRc2v3vrzT0BqvO%2FRuasq56UxWzOV5m9cGfUn0Nf%2B9HvCf6zpqv81KDrSzNi64A2P1cgQynxzfH6fdGvKhIt1BP2EMLzKw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2c0bf4b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
weatherfor.us/static/style/weather-icons/weather-icons.css
172.67.149.103200 OK 3.8 kB URL HTTP/1.1 weatherfor.us/static/style/weather-icons/weather-icons.css
IP 172.67.149.103:0
File type ASCII text, with very long lines (25011)
Hash 611c17862f464dbb16b35aef70d446a0
e7a2308cf4239617fe7079ccfeed82219fb5fb0a
959c840e64460410dd3bcb0dc1b7fb7e56d849bea44a34735d75f766e0262e5a
GET /static/style/weather-icons/weather-icons.css HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://premium.weatherfor.us
Cache-Control: public, max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=30728
ETag: W/"7808-1823874fbd8"
Last-Modified: Tue, 26 Jul 2022 03:02:47 GMT
Vary: Origin, Accept-Encoding
X-Powered-By: Express
CF-Cache-Status: HIT
Age: 30923
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xo6TQts2h57Fes%2Fj0DKbBSNeYrBs52AqWGAuAhNiDLKmMGW5gK0QP5MrMCJpbYddzQsUFIcSOUENSTZsDpr%2B%2BpvHBN0vy23csaSRd1rg5aU0cbqvrkLVuuNZ4iQlwEsb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2e7f4db4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
forms.mailmunch.co/sites/321883
54.157.58.70200 OK 130 B URL HTTP/1.1 forms.mailmunch.co/sites/321883
IP 54.157.58.70:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f37c7cc0e7d4a162b77faba3fbe716d3
226563b2c42bb182014fb4b1c77b46f2ec0d4692
d7e1453f7d8d0cffc2a465a72f2c392f0a04e05cbea73e7d72382d9fd6491fdf
GET /sites/321883 HTTP/1.1
Host: forms.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Access-Control-Expose-Headers: X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Content-Type: application/json; charset=utf-8
Content-Length: 130
Etag: W/"82-ImVjssQrsYIBT7Sxx3tG8uwNRpI"
Vary: Accept-Encoding
Date: Sun, 22 Jan 2023 18:52:09 GMT
Via: 1.1 vegur
weatherfor.us/static/js/jquery.js
172.67.149.103200 OK 37 kB URL HTTP/1.1 weatherfor.us/static/js/jquery.js
IP 172.67.149.103:0
File type ASCII text, with very long lines (41056)
Hash 76b7270230bcb7b33d7c669d7b22a0aa
5be700a8da98e4c1bb4b996fe32f91c0b9030dde
2b2ccc3cf09f9a5ccda7c690ac147a1ea7b50d66d345aef2c351bbb01e58129f
GET /static/js/jquery.js HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://premium.weatherfor.us
Cache-Control: public, max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=104881
ETag: W/"199b1-1823874ec38"
Last-Modified: Tue, 26 Jul 2022 03:02:43 GMT
Vary: Origin, Accept-Encoding
X-Powered-By: Express
CF-Cache-Status: HIT
Age: 30922
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjptIYOtaUv1LlMR17%2BnfKUE497nYgucz9LY8VGoj01e9X3ZPEX%2FuxYYQfKI2XEdnT3y79GpxxHQF13%2BSOqAj8ne4Owk%2F7QmOLaZ7i9jfs7OHVhEE1ewMIFynLBI5Vz6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2e8f6cb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
weatherfor.us/static/style/weather-icons/weather-icons-wind.css
172.67.149.103200 OK 11 kB URL HTTP/1.1 weatherfor.us/static/style/weather-icons/weather-icons-wind.css
IP 172.67.149.103:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3f8ea788e9053ee8037da0be10e01cd5
a8ed0e2c43fada7072ed388df99e7a462aff6c51
2621100003b0e552110204b190d127e83f7a221bd075c7e11547bcf8bef69dff
GET /static/style/weather-icons/weather-icons-wind.css HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://premium.weatherfor.us
Cache-Control: public, max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=145200
ETag: W/"23730-1823874fbd8"
Last-Modified: Tue, 26 Jul 2022 03:02:47 GMT
Vary: Origin, Accept-Encoding
X-Powered-By: Express
CF-Cache-Status: HIT
Age: 30922
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKI64qmMenT%2BIN6kNhvH7cKwb0%2FtqmRyNWAYwTQ8a5teQAuwLMBS5vB2JTXd60Ia4pNtOTC36pwoINGwwP9ns%2FhgSc%2B6USavX9x66l0q7fkVEdC6PSfdFn8vHH%2ByGBw1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2e7cf8b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Arvo
142.250.74.106200 OK 260 B URL HTTP/1.1 fonts.googleapis.com/css?family=Arvo
IP 142.250.74.106:0
Hash 72c7536ac725f24aeceae59299b0aecd
42f8ab9ad0aea92d229b96f0baba856837989e4d
92fec8528aa768d64debaad00ca72bdae487981bdb2b4a3c54c948f97aa0a66a
GET /css?family=Arvo HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 22 Jan 2023 18:52:09 GMT
Date: Sun, 22 Jan 2023 18:52:09 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
weatherfor.us/static/style/reset.css
172.67.149.103200 OK 437 B URL HTTP/1.1 weatherfor.us/static/style/reset.css
IP 172.67.149.103:0
File type ASCII text, with very long lines (773), with no line terminators
Hash 5bcd6972d9d527b258da74330a836f31
268a327846e2e0b8d110d5b83354da22325d9699
ea060493ab5804231dfc39a9b7df66db644c47a79b6d4081bed18aee55367743
GET /static/style/reset.css HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://premium.weatherfor.us
Cache-Control: public, max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=1106
ETag: W/"452-1823874ec38"
Last-Modified: Tue, 26 Jul 2022 03:02:43 GMT
Vary: Origin, Accept-Encoding
X-Powered-By: Express
CF-Cache-Status: HIT
Age: 30922
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIBQSWrOPqwOOSW9RVmyRNoT1ZVQyDWzYLLXqItV%2FfRJff%2B12XwARs%2FulKQoK8zB2grEqZTkbfqnjTwgEAU3IWyyreLNAq3mhufkRfdDXRhlhJZ2GjeD7brEx6gVDT75"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2e8ac7b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
weatherfor.us/static/js/datacommons.js
172.67.149.103200 OK 1.8 kB URL HTTP/1.1 weatherfor.us/static/js/datacommons.js
IP 172.67.149.103:0
File type ASCII text, with very long lines (4407), with no line terminators
Hash 85667e5ff6c0b2d1ed8faeacb1c915e2
143a8afdca35e3d596c42405d039822f2f0bfb71
6b5c105c0e8914de199a4a18ae9a5ef6dfef4fce957177da7b765fa802bceb1d
GET /static/js/datacommons.js HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://premium.weatherfor.us
Cache-Control: public, max-age=86400
Cf-Bgj: minify
ETag: W/"1137-1827f16d8e0"
Last-Modified: Mon, 08 Aug 2022 20:13:00 GMT
Vary: Origin, Accept-Encoding
X-Powered-By: Express
CF-Cache-Status: HIT
Age: 30922
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0hyFLaFRV8%2FlwgNKnSetBb%2F%2B11yzCR7YOs%2BzL2uMP%2F8lhRTdDR5ddeeIjI40%2B4hN%2Ftq0JpfmFsMTdCdEe771xKqLmk3rhlC9XrQJcHM8SL%2FWxEPHZbYoln151LaQhA%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2e9a331c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/onecolor/3.0.4/one-color.js
104.17.24.14200 OK 2.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/onecolor/3.0.4/one-color.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (4334)
Hash c8331d9e058e3a05e6f73098b029650f
b2c3a968dad5c5203ac1db5d2e29214154f3bea1
73995c5891eaa059871202890c503715964f2669f3e3421b92d34d1eded8b547
GET /ajax/libs/onecolor/3.0.4/one-color.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://weatherfor.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:52:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 2235
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f2e-1a21"
last-modified: Mon, 04 May 2020 16:13:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2756
expires: Fri, 12 Jan 2024 18:52:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G88MapWcVRhm5MVhqElvdXXYGkCqyox1dbLNkjMPAuju6vpZ%2Faxkb2FoNVnTQi1p7J8go7bJDCsCE6OtusEBULIeeY7iwR5nTxY6bjppIfA8jMF1fceVkp%2B4X6yYKcRQdSgWnepz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78da7c2eaa0a1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
weatherfor.us/static/js/sherlock.min.js
172.67.149.103200 OK 40 kB URL HTTP/1.1 weatherfor.us/static/js/sherlock.min.js
IP 172.67.149.103:0
File type ASCII text, with very long lines (54754)
Hash 5ceef2113c7b9b4677bda540f4ef2382
f247ccfff65616a7a22031e2eed3428bad48329d
a7c37e9ff27784959a7b22aff9f394496bcbdf5d0deb450b49d6d86f11522558
GET /static/js/sherlock.min.js HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin, Accept-Encoding
Cache-Control: public, max-age=86400
Last-Modified: Sat, 20 Aug 2022 18:51:29 GMT
ETag: W/"1d74e-182bc988768"
CF-Cache-Status: HIT
Age: 30923
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZOlSgyOl7bArfo1tix01e8m5vwFTXTzRzlOzA4Etegz0glFY4FeC65zezF9KnWhuWprXo0LsV93ZJBJCQ4HnfdnGhOGoaVc9QYjXju%2F6CisogU23HAWOym2QQGYjLBm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2e9eb1b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
weatherfor.us/static/js/minion/minion.page.js?_=251002
172.67.149.103200 OK 967 B URL HTTP/1.1 weatherfor.us/static/js/minion/minion.page.js?_=251002
IP 172.67.149.103:0
File type ASCII text, with very long lines (2260), with no line terminators
Hash fee3287e5255fe23bda79f70b2486a86
bca383ac65413f5e96353182cdfb7a51aade660b
f23e7f84b7e53865db835482d32f5b43d9f0a55ed7cdf223a952eb45e795d2be
GET /static/js/minion/minion.page.js?_=251002 HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://premium.weatherfor.us
Cache-Control: public, max-age=86400
Cf-Bgj: minify
ETag: W/"8d4-1827f16d8e0"
Last-Modified: Mon, 08 Aug 2022 20:13:00 GMT
Vary: Origin, Accept-Encoding
X-Powered-By: Express
CF-Cache-Status: HIT
Age: 30922
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzikePO9kOHOuZm3HIIe046BcTdXXKYy1hKq7A%2BIsqNqS7F8W0DF721c7Y67z86evEQl8QqJunPAxL6Vw7QKVodhe2Mth9qRyl3p2Uk0c%2BXRkOJHaZgldBbT9dyv2tNE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2e9cf3b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
weatherfor.us/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674403200
172.67.149.103200 OK 17 kB URL HTTP/1.1 weatherfor.us/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674403200
IP 172.67.149.103:0
Hash 20c169a42d5dfa0a0c1e7978383b9125
f1e7680847197f714668314539d9ce2456771f6d
3c7a6c515f50a7e6f1259d5274d5152634fd338cb5369c55cd3b8e9c8fc1a2a3
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674403200 HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=14400, public
x-control-type-options: nosniff
content-encoding: gzip
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scf970I%2BYHJLOmCsfjhagVnh4Dpp6hL3oUyi3dXs6iB3pOjjNy3Yoxfz9lFhZ0DBkMJVSFPthICU4ZC9E4YcTQUZivw3m475JB%2Bj6zJGn82%2FsdDYVDMoeuHDaf%2FArxtT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c30380cb505-OSL
alt-svc: h2=":443"; ma=60
cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
130.211.5.208200 OK 17 kB URL HTTP/1.1 cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
IP 130.211.5.208:0
File type ASCII text, with very long lines (755)
Hash caa762087e9d75cecc34b5d6626cb7b9
fcc68d485c2f42e0f880260c3e104cedf50d0d11
dc0ec55efae4c1f0ff095cf05133cc835e1cc4ff7906d3b7a2d0d86789bfe145
GET /libs/mixpanel-2-latest.min.js HTTP/1.1
Host: cdn.mxpnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycdttrgVGEXyqGKDJSc2TyzPnRON96jvF81w9b2Hq1ppuoq9d1e7zviDWvMpZ46EflHfUvTDbXcntAkEVyiJMP8ji4UsFr3Ix
x-goog-generation: 1645129310876382
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17435
Content-Encoding: gzip
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-storage-class: MULTI_REGIONAL
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 17435
Access-Control-Allow-Origin: *
Server: UploadServer
Date: Sun, 22 Jan 2023 18:43:39 GMT
Expires: Sun, 22 Jan 2023 18:53:39 GMT
Cache-Control: public,max-age=600
Age: 510
Last-Modified: Thu, 17 Feb 2022 20:21:50 GMT
ETag: "caa762087e9d75cecc34b5d6626cb7b9"
Content-Type: text/javascript
weatherfor.us/sentry
172.67.149.103200 OK 2 B IP 172.67.149.103:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /sentry HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://weatherfor.us/
Content-Type: text/plain;charset=UTF-8
Origin: http://weatherfor.us
Content-Length: 493
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gW%2FgOcP67L3EkqreLETO2vCZbONU8jIoOoVYVq5FK09hf96oj%2BfGEgaWerAM6LIrHLvO6rKqs6wgqloSbtCaZm4hNBywGkto1TsGsAQGd8kfBhvxCEH639UK0bk%2FR%2FmI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2f8833b500-OSL
alt-svc: h2=":443"; ma=60
weatherfor.us/api
172.67.149.103200 OK 509 B IP 172.67.149.103:0
File type JSON data\012- , ASCII text, with very long lines (2587), with no line terminators
Hash 80014de083bbc8c4e5cc5863ba1ea015
84ad37282ba18e53d4fb74101a740ccb2adcc3c1
05d750d49965054412c5e213bba73704c0a8d287f12ae95679f8cd0d87350222
POST /api HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 151
Origin: http://weatherfor.us
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin
ETag: W/"a1b-qFj7zkjPBwVEMGWvWJ2Svynam/o"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CysM63nPcA0CEMHzblXSRXxyTptQ%2F%2FhzbgLqGF5fdjVg9gg0XBGulQfxTS5oxlWsi7X0sETJ5%2BoriYnyt5Z5Ohq3W%2B2nrOn03VMBV4Rj%2BYxGSffEma%2FTjI5jyZr9l%2FOH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c31ca98b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
news.prolocosangiovannivaldarno.it/?wordfence_lh=1&hid=11FDB28A1D6A65A174F97BE5DBDC0CC9&r=0.5509162093778421
89.46.105.68200 OK 0 B URL HTTP/1.1 news.prolocosangiovannivaldarno.it/?wordfence_lh=1&hid=11FDB28A1D6A65A174F97BE5DBDC0CC9&r=0.5509162093778421
IP 89.46.105.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?wordfence_lh=1&hid=11FDB28A1D6A65A174F97BE5DBDC0CC9&r=0.5509162093778421 HTTP/1.1
Host: news.prolocosangiovannivaldarno.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Cookie: PHPSESSID=b9h805cnnjlrrnijvtd0vjmro7; _ga=GA1.2.1547824331.1674413528; _gid=GA1.2.1075433822.1674413528; _gat=1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Sun, 22 Jan 2023 18:52:10 GMT
Content-Type: text/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://news.prolocosangiovannivaldarno.it/xmlrpc.php
Link: <http://news.prolocosangiovannivaldarno.it/wp-json/>; rel="https://api.w.org/", <http://news.prolocosangiovannivaldarno.it/>; rel=shortlink
X-Robots-Tag: noindex
X-ServerName: ipvsproxy49.ad.aruba.it
weatherfor.us/static/cask?f=W3gF.js
172.67.149.103200 OK 114 kB URL HTTP/1.1 weatherfor.us/static/cask?f=W3gF.js
IP 172.67.149.103:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (113798 bytes)
Hash 13f04a7eb2ef0a286018e75de60df8e1
e54dc3ff59bf5515a845eda8ab647f530a98ed62
6851a90ef3cabd05acf2a38571138b2e54cc163f55b25eee915b64402b018110
GET /static/cask?f=W3gF.js HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weatherfor.us/widget?skin=mini&location=san%20giovanni%20valdarno%2C%20italy&bg_color=%23FAFAFA&txt_color=%23000000&unit=metric&ref=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin, Accept-Encoding
Cache-Control: max-age=7200
ETag: W/"29a61-qFVfoLD7kaXKePMsz/6k6M13+oE"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJQRFxIWLiZR%2BxtGclwe0fwc6KbHNshgXsNL8IBWQvgsHCrxkDkFNp6I2FYqxQtkWEFM0hqC6SayW03dD%2BD%2FuCmU00FR0wfJtg59RXgzL9LwEO7lEKs1JVREXwamY75N"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c2fd934b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
a.mailmunch.co/forms-cache/321883/settings-1674352248.json
143.204.55.29200 OK 838 B URL HTTP/1.1 a.mailmunch.co/forms-cache/321883/settings-1674352248.json
IP 143.204.55.29:0
File type JSON data\012- , ASCII text, with very long lines (1548), with no line terminators
Hash 61d7860d942e3ac5c2f0af444a850a12
34fbc6f2b75a9695981d14f9836044f37ffbc138
5c528bbdbf0fbd64154347eb776727074a8f87784bc1b5eec4ce6b64b68047d4
GET /forms-cache/321883/settings-1674352248.json HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 22 Jan 2023 06:54:14 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Sun, 22 Jan 2023 01:50:56 GMT
ETag: W/"2406f92a8979ca2a1b27f741b24970c0"
Cache-Control: max-age=31556952
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Hk_t4yooopwctlVqejm9BKD-LpKWgaXB7XgQXGugSdCwy-LPgc3FCQ==
Age: 43078
fonts.gstatic.com/s/arvo/v20/tDbD2oWUg0MKqScQ7Q.woff2
216.58.207.227200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/arvo/v20/tDbD2oWUg0MKqScQ7Q.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17300, version 1.0\012- data
Hash 2bb7eeed159db804f2e7a9ca64871661
d4aa569d336599b0c8a61ddbc2f5151627d0dbe1
6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415
GET /s/arvo/v20/tDbD2oWUg0MKqScQ7Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://weatherfor.us
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17300
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 19 Jan 2023 06:12:08 GMT
Expires: Fri, 19 Jan 2024 06:12:08 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 18:36:19 GMT
Content-Type: font/woff2
Age: 304803
weatherfor.us/static/style/font/weathericons-regular-webfont.woff2
172.67.149.103200 OK 45 kB URL HTTP/1.1 weatherfor.us/static/style/font/weathericons-regular-webfont.woff2
IP 172.67.149.103:0
File type Web Open Font Format (Version 2), TrueType, length 44720, version 1.6553\012- data
Hash 1cd48d78f06d33973d9d761d426e69bf
718dd740e8340888352129e592fed085409e891e
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
GET /static/style/font/weathericons-regular-webfont.woff2 HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://weatherfor.us/static/style/weather-icons/weather-icons-wind.css
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:11 GMT
Content-Type: font/woff2
Content-Length: 44720
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin, Accept-Encoding
Cache-Control: public, max-age=86400
Last-Modified: Tue, 26 Jul 2022 03:02:48 GMT
ETag: W/"aeb0-1823874ffc0"
CF-Cache-Status: HIT
Age: 30923
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQSUqYkJB3KQEidLIKPXOmsOM47H2wp6OosRI%2BP5FfH4wja%2FKqDOq7%2BCKqES03dnpqo%2FXYPy%2FCldiM6sDg2xDxf46K6uVS1AekVkQ3nOmI%2FM9AAOPxsP3MHrFU8Ahh7q"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c3b1ac5b4f1-OSL
alt-svc: h2=":443"; ma=60
a.mailmunch.co/app/v1/popover.js
143.204.55.29200 OK 2.3 kB URL HTTP/1.1 a.mailmunch.co/app/v1/popover.js
IP 143.204.55.29:0
File type ASCII text, with very long lines (9035), with no line terminators
Hash 92f47ced4b953f3bff1676a4747417b6
ad670f81baef17c948577602a20794e981e51a99
3a97a56846ab166d44db6cf395fc9c0abb896a5d887f5c8a3164e01a1dfdc867
GET /app/v1/popover.js HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 2274
Connection: keep-alive
Date: Fri, 20 Jan 2023 19:10:52 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Tue, 17 Jan 2023 11:52:53 GMT
ETag: "92f47ced4b953f3bff1676a4747417b6"
Cache-Control: max-age=172800
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qdIakNlMEVGcTQ1R4VC8TlwnWfYJ9uVIOUI4AdMCAVI7ORawkWIV7Q==
Age: 171680
a.mailmunch.co/forms-cache/321883/423920/index-1659437032.html
143.204.55.29200 OK 39 kB URL HTTP/1.1 a.mailmunch.co/forms-cache/321883/423920/index-1659437032.html
IP 143.204.55.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32798)
Hash f6d84efe24761a68603e85c231053b10
63fd9ba56398a876f299d350655404f4a9c0359b
0b4afdc4a53a8d4ede190cc962d9a1c1f8f247b4f844a105c806470bb4c65c47
GET /forms-cache/321883/423920/index-1659437032.html HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 20 Jan 2023 10:28:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Tue, 02 Aug 2022 10:44:01 GMT
ETag: W/"2e5f0ac90225a1ef1c0e23f1b8606d65"
Cache-Control: max-age=31556952
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EQgTYOoGZDqml3xZwnzmhPYbxkt3NHc8Ks-ESofYV-y1YUk0MBOwXw==
Age: 203028
a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
143.204.55.29200 OK 74 kB URL HTTP/1.1 a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
IP 143.204.55.29:0
File type ASCII text, with very long lines (57930)
Hash 9b367c10302b952ffd72256392e1d89f
95cd21b0f0f372033ca41b9e5338b957f416d828
d75380dcff569a38c591caf138b6d8d1fdb9742706f865040411fce67f03848d
GET /v2/themes/mailmunch/postman/popover/index.css HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Wed, 08 Jan 2020 12:09:20 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 22 Jan 2023 05:52:46 GMT
Cache-Control: max-age=172800
ETag: W/"d481a0d1e0fc73b9a1a61665e1e49a27"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PiTwq5JkBz21fbRcL3USZ-1wa8svLNC8GOJSmlQYjtsjhCxmRgG2mA==
Age: 89787
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/325612414_1155994921745215_4492418272180217540_n.jpg?stp=dst-jpg_p75x225&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=qa0a0x1KMpIAX8k-RYX&_nc_ht=scontent-arn2-2.xx&oh=00_AfDYg6eYAc73swa99--7Prgv9kpTyVPTG97eSoZ_SAlVog&oe=63D2DBB9
157.240.194.27200 OK 10 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/325612414_1155994921745215_4492418272180217540_n.jpg?stp=dst-jpg_p75x225&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=qa0a0x1KMpIAX8k-RYX&_nc_ht=scontent-arn2-2.xx&oh=00_AfDYg6eYAc73swa99--7Prgv9kpTyVPTG97eSoZ_SAlVog&oe=63D2DBB9
IP 157.240.194.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 339x225, components 3\012- data
Hash b77c5311c332bf5e7963a35ce90fbd3b
e2e5f8432fc62fb6a68f024648a8905aa316469f
19a9024c916921e22e1377c7b7dbd689f4844bbb61fd5e54b9e69b04c7813b23
GET /v/t39.30808-6/325612414_1155994921745215_4492418272180217540_n.jpg?stp=dst-jpg_p75x225&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=qa0a0x1KMpIAX8k-RYX&_nc_ht=scontent-arn2-2.xx&oh=00_AfDYg6eYAc73swa99--7Prgv9kpTyVPTG97eSoZ_SAlVog&oe=63D2DBB9 HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 16 Jan 2023 07:42:12 GMT
x-haystack-needlechecksum: 1242456219
x-needle-checksum: 2410368585
content-type: image/jpeg
content-length: 10282
content-digest: adler32=1239977998
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:11 GMT
x-fb-edge-debug: jcPyo9z0goswLe1KKhgNm24rb544zH36bmO2Dbb3Ed5lCpYL65D5xU_480Pu-addJIyaivKFni-hAgE8rBdHWZz8k5IO-f6qgM8E8MSiLB4
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
216.58.207.227200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Hash fda3323314d895ae39de612559f6fad9
644dbb14f599920fdc8f8260b6e67bd1f8770e89
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 13:04:07 GMT
expires: Fri, 19 Jan 2024 13:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
content-type: font/woff2
age: 280084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news.prolocosangiovannivaldarno.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:52:41 GMT
expires: Tue, 16 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 518370
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 1.2 kB IP 142.250.74.163:0
File type gzip compressed data, max compression\012- data
Hash 9ca210e319d3a33e9516fb9f6dcf7534
6468e8daa1b8651288f27eea565d84abfa632077
f0d8809f6f40939bb970ab8c12862fc89e557e1f083745900c34aad35ed8af6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.mailmunch.co/event/?site_id=321883&widget_id=423920&event_name=views&cache=1674413530888&referrer=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F&visitor_id=680fd4e7-0715-4b29-a0c9-dedb73e403a8
3.232.242.170200 OK 35 B URL HTTP/1.1 analytics.mailmunch.co/event/?site_id=321883&widget_id=423920&event_name=views&cache=1674413530888&referrer=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F&visitor_id=680fd4e7-0715-4b29-a0c9-dedb73e403a8
IP 3.232.242.170:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /event/?site_id=321883&widget_id=423920&event_name=views&cache=1674413530888&referrer=http%3A%2F%2Fnews.prolocosangiovannivaldarno.it%2F&visitor_id=680fd4e7-0715-4b29-a0c9-dedb73e403a8 HTTP/1.1
Host: analytics.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: image/gif
Date: Sun, 22 Jan 2023 18:52:12 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
weatherfor.us/sentry
172.67.149.103200 OK 41 B IP 172.67.149.103:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 98d01bcbbb5f896d596073494312cddf
367c0384fee1ac61ecfd6485e99e81f5aafe2b0e
30c7783afd179c17415722436a2ceb5155ca160e9c848eab46628e0ac67391aa
POST /sentry HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://weatherfor.us/
Content-Type: text/plain;charset=UTF-8
Origin: http://weatherfor.us
Content-Length: 1524
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 41
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin
ETag: W/"29-NnwDhP7hrGHs/WSF6Z6B9ar+Kw4"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4JjgBOeUg1qCYP20jMzJUwpFmL0kSBGS3QXVO4lLPRp0CAeYyOONYgJFGXJ1V0OsiMafSN2P7kCpiiJ6nVvAInMW4AUHEQgG4wQutg0SDBQXrWuAtOG9KnqP6mutdth"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c402b6eb500-OSL
alt-svc: h2=":443"; ma=60
weatherfor.us/sentry
172.67.149.103200 OK 2 B IP 172.67.149.103:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /sentry HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://weatherfor.us/
Content-Type: text/plain;charset=UTF-8
Origin: http://weatherfor.us
Content-Length: 499
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:52:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://premium.weatherfor.us
Vary: Origin
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfQLTVxQCoaUHQydub2dTO5p2meZ4L9cGNABMLJ5lmls8qvZP%2F9XDvTRZixRYrgZ0f7el5zoO%2FNlvTcpGhBc57kYiVICMofMlH%2BBSxkUyhKF7fWIQLp%2F883H4KQ%2FSldU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da7c402b88b4f1-OSL
alt-svc: h2=":443"; ma=60
weatherfor.us/static/cask?f=0XmCUu4G.wasm
172.67.149.103200 OK 14 kB URL HTTP/2 weatherfor.us/static/cask?f=0XmCUu4G.wasm
IP 172.67.149.103:0
Hash 78a49af3af61d244f268abb4c3044c74
55bb24cb01b11794b3ec16382b86da49460c532a
859cb6fcab9e326a75820ff0c6a59f50e869f38b630727a5f4f8f31db2ab0817
GET /static/cask?f=0XmCUu4G.wasm HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://weatherfor.us/
Origin: http://weatherfor.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:52:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 59667
x-powered-by: Express
access-control-allow-origin: https://premium.weatherfor.us
vary: Origin
cache-control: max-age=7200
etag: W/"e913-icEjrACi4aksr2hNknaNfuY2u14"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4uJ9nejTpO2aPP9nGzHIOhT8dtjp1vK4pQQrTqpuWHBR3T4UWqyKvrJBlLah8DSv4fjNtWXRSQUCEeo%2FgRWhOanJEWl0BA3YMFuQGDEIKwzB9oTMlEjuM6zHiMPXs7K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78da7c413926b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api-js.mixpanel.com/track/?verbose=1&ip=1&_=1674413533652
35.186.241.51200 OK 25 B URL HTTP/2 api-js.mixpanel.com/track/?verbose=1&ip=1&_=1674413533652
IP 35.186.241.51:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fa4859df2aaba80141861afa205fe74e
d486b5a249527d022cc009bdc9c197efb66f23a2
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
POST /track/?verbose=1&ip=1&_=1674413533652 HTTP/1.1
Host: api-js.mixpanel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3922
Origin: http://weatherfor.us
Connection: keep-alive
Referer: http://weatherfor.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://weatherfor.us
access-control-expose-headers: X-MP-CE-Backoff
access-control-max-age: 1728000
cache-control: no-cache, no-store
content-type: application/json
strict-transport-security: max-age=604800; includeSubDomains
date: Sun, 22 Jan 2023 18:52:14 GMT
content-length: 25
x-envoy-upstream-service-time: 11
server: envoy
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 11 Jan 2024 21:58:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: wbTCyJ5zF9v4ZXKTX58G1LddTUuZxnVvYZG0r4beHb8GTGUqOQXaYgxSfRe39U+Vt3olDDyBXe25dDtK4gk3QQ==
priority: u=3,i
content-length: 830
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
GET /rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 01:28:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: lzSgJnsApQyOt2FL7pxlRQ==
x-fb-debug: BATlYcVLyIBAh541jV8XRa/NqEaHn3WQGt3RJRnKe0WYnKUDqLS7mpP91ewWz+Bld/HQmmQ7jMcCHUn4AnACjA==
content-length: 16276
x-fb-trip-id: 1904183273
date: Sun, 22 Jan 2023 18:52:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.weatherfor.us/static/js/minion/minion.js
104.21.29.149200 OK 0 B URL HTTP/2 www.weatherfor.us/static/js/minion/minion.js
IP 104.21.29.149:0
GET /static/js/minion/minion.js HTTP/1.1
Host: www.weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:52:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://premium.weatherfor.us
cache-control: public, max-age=86400
cf-bgj: minify
etag: W/"de7-1827f16d8e0"
last-modified: Mon, 08 Aug 2022 20:13:00 GMT
vary: Origin, Accept-Encoding
x-powered-by: Express
cf-cache-status: HIT
age: 2756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9WDeZkpdLFwW7S1jyo%2F6YpNk8JPnvHfr2YIlgg5Y%2Bh3m%2FLE7X5vRWrrJlnjYNnEnTTGnZ9tLPeWh4TCWTgHggTpqht88VNCPUKW7QgiWeFv4zoHsn6K5H7G2ftkAiPwYklQBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78da7c274a8fb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FProlocoSGV&tabs=timeline&width=350&height=500&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=false&appId=1054970627866987
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FProlocoSGV&tabs=timeline&width=350&height=500&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=false&appId=1054970627866987
IP 31.13.72.36:0
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FProlocoSGV&tabs=timeline&width=350&height=500&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=false&appId=1054970627866987 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news.prolocosangiovannivaldarno.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 6kARt1YucUJW/jSHRfHcpUVVHO2XEoHqmPVBM4PKtBS/Bsz1EASkQzG90Un0Y08LBhZdO2T9FnbCinVcr0pemw==
date: Sun, 22 Jan 2023 18:52:08 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
weatherfor.us/static/cask?f=0XmCUu4G.wasm
172.67.149.103200 OK 0 B URL HTTP/2 weatherfor.us/static/cask?f=0XmCUu4G.wasm
IP 172.67.149.103:0
GET /static/cask?f=0XmCUu4G.wasm HTTP/1.1
Host: weatherfor.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://weatherfor.us/
Origin: http://weatherfor.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:52:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 59667
x-powered-by: Express
access-control-allow-origin: https://premium.weatherfor.us
vary: Origin
cache-control: max-age=7200
etag: W/"e913-icEjrACi4aksr2hNknaNfuY2u14"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=az4U8pkNsxLo93NcN4ZWkeoIfJgHamZRfeAfj6IZJZD%2FqBWvhzz%2FlGs046iMIl5a0is3%2B5khlnqXqPUoIM%2FrqeI54Z3MWQLCZGwrLfnwDSrqwbXVQ%2BVhJz3X3Q3CMaFF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78da7c3b0f91b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2