www.mc2fsrl.com/
23.100.63.4 301 Moved Permanently 0 B IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://mc2fsrl.com/default.aspx
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:37 GMT
Content-Length: 0
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4611
Expires: Thu, 15 Sep 2022 17:40:57 GMT
Date: Thu, 15 Sep 2022 16:24:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 16:10:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R3IbgydnpOaEWh6s1ZJEFQ5YAhiWQ8j46iF9MNjTCNiOj5Swds971g==
Age: 818
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8oHG-9zLjvu6EAV8oENayCvOV4CcTTIGgbW-cMrmDyFwluL1b3p_6Q==
age: 42531
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 16:24:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f525ba0211661b5c75336e84542140d6
f58f33a4a75cc0b758843edabd9a0baed50d09b4
faa8c5f91c52fa03442e3a050c65908902b523a4675871ba7e9e0ed54ee2a62b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAA8C5F91C52FA03442E3A050C65908902B523A4675871BA7E9E0ED54EE2A62B"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Thu, 15 Sep 2022 22:23:09 GMT
Date: Thu, 15 Sep 2022 16:24:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 16:03:22 GMT
Expires: Thu, 15 Sep 2022 16:03:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ugvi0nubPhuEDc5u9Q4HdvnKjo9S5F7F9UEqShw1PFJq4a_2w58C3A==
Age: 1245
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:07 GMT
Last-Modified: Thu, 15 Sep 2022 14:43:47 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
mc2fsrl.com/default.aspx
23.100.63.4 200 OK 14 kB IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10684), with CRLF line terminators
Hash 0b0e9cd7f22c8a28f6e996e81e595b2d
5a032ca7b7a74f6ddade590205670527f8d8cc9c
4c6d2a351d64531141b39116f51f2d40da9ca2f67ee3ce1354cfe94319c4d1fe
Analyzer Verdict Alert fortinet Phishing
GET /default.aspx HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
Set-Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:37 GMT
Content-Length: 14258
mc2fsrl.com/styles/reset.css
23.100.63.4 200 OK 1.0 kB URL HTTP/1.1 mc2fsrl.com/styles/reset.css
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 3e8ffc75704c4419e93f69d571fd2004
88e88a5c6ef65e0f2d374e90170e5527d8a6bf45
3e2fbbb427bbd3ec9d23a8d44d26c5c0fe87b02bc0b331aa21f5c824059325f8
GET /styles/reset.css HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "277faeeba057d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1037
push.services.mozilla.com/
44.236.232.139 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6YAUsiHS1Al5mNTO+yOPNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9nInZ509XzfspvrWz8FQqM+MGOQ=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc2fsrl.com/scripts/modernizr.custom.2.6.2.js
23.100.63.4 200 OK 7.5 kB URL HTTP/1.1 mc2fsrl.com/scripts/modernizr.custom.2.6.2.js
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (14752), with CRLF line terminators
Hash 9ac49181f7b0937bfc63eff649211be2
109f35e8d39e2e17a2389faeed60f299c55ae97f
3ca97e78dc494669be0ff8809637b6edee49245d32cb53704a82da0aaabed818
Analyzer Verdict Alert fortinet Phishing
GET /scripts/modernizr.custom.2.6.2.js HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "c194adeba057d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 7468
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 01721134027b8087fcaea01ae7470149
e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864
a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 56b4a90e8be043082aa30d490fe93e47
6c94d4b9610ec757d7e7851ac2e478edff1309f8
c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.106 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 19:09:20 GMT
expires: Wed, 13 Sep 2023 19:09:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 162887
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
consent.cookiebot.com/b64e16ba-d247-4610-8dfb-f3c9e7e97289/cd.js
104.69.222.104 200 OK 3.0 kB URL HTTP/2 consent.cookiebot.com/b64e16ba-d247-4610-8dfb-f3c9e7e97289/cd.js
IP 104.69.222.104:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11308)
Hash bbf29d5fa3fc9a95fae45e7e0eda0976
e105287fe120dd7d95b5bbf85910b36d5b2d783e
864d22b4eeea368220d777443c09bd64b017b04ed1648aa7bcae2b9c198aec20
GET /b64e16ba-d247-4610-8dfb-f3c9e7e97289/cd.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 07:31:36 GMT
accept-ranges: bytes
etag: "03c1f60c2b6d81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 3038
expires: Thu, 15 Sep 2022 16:24:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 15 Sep 2022 16:24:07 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KB2G9XN
142.250.74.72 200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KB2G9XN
IP 142.250.74.72:0
File type ASCII text, with very long lines (1855)
Hash b0be2dbb4bec8f18a9a8f6e0ebd7de08
5aa3381b97dd648887976c49b9845a16d0ffadeb
bc14697b2b81a00412ec7a1e4231241a8e8c1d8a56e693ad24b803bd524d085a
GET /gtm.js?id=GTM-KB2G9XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 16:24:07 GMT
expires: Thu, 15 Sep 2022 16:24:07 GMT
cache-control: private, max-age=900
last-modified: Thu, 15 Sep 2022 16:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc2fsrl.com/scripts/function.js
23.100.63.4 200 OK 627 B URL HTTP/1.1 mc2fsrl.com/scripts/function.js
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash fd0b83c1985b1146f63169e4bdd5d725
4b08caf45ebbec720fda1cf9c44f2fce29c53921
15c25541d14393b20895de62893a6931bcb5c456b212f4951fbfa68cfe18748a
Analyzer Verdict Alert fortinet Phishing
GET /scripts/function.js HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "a2d5aaeba057d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 627
mc2fsrl.com/styles/slick.css
23.100.63.4 200 OK 796 B URL HTTP/1.1 mc2fsrl.com/styles/slick.css
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 0af453fa3bac6250a1418345f8d672d7
d6f100e4cac78772c31919b6c31ee283a1ecce3a
cf2ce234207822b3e7dd90c04d184eda6cb5573d6bebed6a6a5a5cbc89a4645d
GET /styles/slick.css HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "3fcdaeeba057d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 796
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 56b4a90e8be043082aa30d490fe93e47
6c94d4b9610ec757d7e7851ac2e478edff1309f8
c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc2fsrl.com/styles/slick-theme.css
23.100.63.4 200 OK 1.0 kB URL HTTP/1.1 mc2fsrl.com/styles/slick-theme.css
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash f691df16a20d954c42d18f0235fc9b5a
84d29e4b37ae78906fe8c28f7b38f01f70446994
afc825dcfba09b16f74a6d5d768d9499dd13431b39260996db2b4961533a616b
GET /styles/slick-theme.css HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "2ea6aeeba057d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1045
mc2fsrl.com/WebResource.axd?d=yb9Sfs-R6bS8KY301j3mtr7bVGASC0PYdsFWl8m65oqJIhaH4gLi72zk9Nwl7omZaE7-ZWJ1k-r7Lb7w7xIJbl_NYZc_NDsPyEufF0zzFJg1&t=637358748577751970
23.100.63.4 200 OK 6.0 kB URL HTTP/1.1 mc2fsrl.com/WebResource.axd?d=yb9Sfs-R6bS8KY301j3mtr7bVGASC0PYdsFWl8m65oqJIhaH4gLi72zk9Nwl7omZaE7-ZWJ1k-r7Lb7w7xIJbl_NYZc_NDsPyEufF0zzFJg1&t=637358748577751970
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 06fd446079195e9866f38728a31b8416
bce7935598a51703a7077dd75e1d30882533c6e1
5466d19b6349cc09de47de356c3195b2fd367a5ab8f1c55e8aaf2f296915d46d
GET /WebResource.axd?d=yb9Sfs-R6bS8KY301j3mtr7bVGASC0PYdsFWl8m65oqJIhaH4gLi72zk9Nwl7omZaE7-ZWJ1k-r7Lb7w7xIJbl_NYZc_NDsPyEufF0zzFJg1&t=637358748577751970 HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Fri, 15 Sep 2023 05:56:59 GMT
Last-Modified: Wed, 16 Sep 2020 15:40:57 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 6007
mc2fsrl.com/styles/style.css
23.100.63.4 200 OK 5.9 kB URL HTTP/1.1 mc2fsrl.com/styles/style.css
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type troff or preprocessor input, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 88920ba17072eac12c916af0c6e8adda
ef823a13d3e231363d9ed67685ba22150fb77ae5
61e531101bb3adeb9a682501e9773db7dd4e89a7963b65495653e9bc8d350e1c
GET /styles/style.css HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2017 13:36:38 GMT
Accept-Ranges: bytes
ETag: "d0539bef285ad31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 5862
mc2fsrl.com/scripts/jquery.flexslider-min.js
23.100.63.4 200 OK 6.6 kB URL HTTP/1.1 mc2fsrl.com/scripts/jquery.flexslider-min.js
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (528), with CRLF line terminators
Hash 61a2e400eedf71c99f946b51a1ea3cdb
c2d423e5e98670bc9e9e04168137c39999fad78c
f35da7bd4bc3a973519110847f9cef98860c026b74fda2494934022a0503df47
Analyzer Verdict Alert fortinet Phishing
GET /scripts/jquery.flexslider-min.js HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "a246adeba057d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 6582
mc2fsrl.com/ScriptResource.axd?d=1uvZKUDu2Bny3lrcWzOQQTVxViUtwaudKNwSYaVTKkeU6cZtPXuso8sU-upQEPQmfGeEWU53esSlTZXi9RJLevbpzfov_dXarb8KxL5fCEsir7VkveiQQzdfk6wJCqt4ca6FypZRlOXhg1a2Wi3KMw2&t=ffffffffafdfa956
23.100.63.4 200 OK 9.6 kB URL HTTP/1.1 mc2fsrl.com/ScriptResource.axd?d=1uvZKUDu2Bny3lrcWzOQQTVxViUtwaudKNwSYaVTKkeU6cZtPXuso8sU-upQEPQmfGeEWU53esSlTZXi9RJLevbpzfov_dXarb8KxL5fCEsir7VkveiQQzdfk6wJCqt4ca6FypZRlOXhg1a2Wi3KMw2&t=ffffffffafdfa956
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (37606), with CRLF line terminators
Hash d23a4f57b13f6f8716b4343404b4d530
d53e950a81e0d06398c22585fcb83b908c36e8dc
20bf53ba677cbf3988f21a587b5bf5bb858a183a7cdcc157ef87b4f3de54694f
GET /ScriptResource.axd?d=1uvZKUDu2Bny3lrcWzOQQTVxViUtwaudKNwSYaVTKkeU6cZtPXuso8sU-upQEPQmfGeEWU53esSlTZXi9RJLevbpzfov_dXarb8KxL5fCEsir7VkveiQQzdfk6wJCqt4ca6FypZRlOXhg1a2Wi3KMw2&t=ffffffffafdfa956 HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Fri, 15 Sep 2023 05:56:59 GMT
Last-Modified: Thu, 15 Sep 2022 05:56:59 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 9616
mc2fsrl.com/ScriptResource.axd?d=KM_IBQFkcjuf0R7h8P-aT-cAYUdZE0nEht8wlOJ2SuI5CeeMnz1jVf9aJ7KzyCbvBwIvh4DUCZJhyA-FtYmux7DCRPJw0_VqO96TLh_MzrD-f-jckOCFtc2Wl73T8T0g0&t=ffffffffafdfa956
23.100.63.4 200 OK 27 kB URL HTTP/1.1 mc2fsrl.com/ScriptResource.axd?d=KM_IBQFkcjuf0R7h8P-aT-cAYUdZE0nEht8wlOJ2SuI5CeeMnz1jVf9aJ7KzyCbvBwIvh4DUCZJhyA-FtYmux7DCRPJw0_VqO96TLh_MzrD-f-jckOCFtc2Wl73T8T0g0&t=ffffffffafdfa956
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65496), with CRLF line terminators
Hash 7a5627bba92e4dc2a9b5eb586d556a91
e3f3d40d6ad0672a39d83e0e43a98632e17d18ce
4f1398ca91accf381ceb49acde6d481d6256a297a95338032c70db21d1261d5f
GET /ScriptResource.axd?d=KM_IBQFkcjuf0R7h8P-aT-cAYUdZE0nEht8wlOJ2SuI5CeeMnz1jVf9aJ7KzyCbvBwIvh4DUCZJhyA-FtYmux7DCRPJw0_VqO96TLh_MzrD-f-jckOCFtc2Wl73T8T0g0&t=ffffffffafdfa956 HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Fri, 15 Sep 2023 05:56:59 GMT
Last-Modified: Thu, 15 Sep 2022 05:56:59 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 27029
mc2fsrl.com/scripts/slick.min.js
23.100.63.4 200 OK 13 kB URL HTTP/1.1 mc2fsrl.com/scripts/slick.min.js
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (32012), with CRLF line terminators
Hash ec9a0c3186bcebfb944845fdd889924c
d5839d576afa5fee56ce8bff8b4856a108e03062
9c9c91fd3275e363584eb5a127ca28c622f87b376aa94048775b9edb06502988
Analyzer Verdict Alert fortinet Phishing
GET /scripts/slick.min.js HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "f49aeeba057d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 13411
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash df3166e6dcc8b81c61419d3927e2f13d
fb28086a586498421b2195b1d8d28ba8ddb0bb86
d0149bac781cc1543150e9d11998fca9205a03fbb0b0c58ae850396f92e30a02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0149BAC781CC1543150E9D11998FCA9205A03FBB0B0C58AE850396F92E30A02"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Thu, 15 Sep 2022 22:23:11 GMT
Date: Thu, 15 Sep 2022 16:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1a59d47f02fdb66b5289958236ca3c0a
4abe7f4b4cfa2126cf0df88d99313ba1733fa061
d2fac08c7c1c3549db3d438ec69e1f9a50487dfab655530eb4e4bfa0c6da9c93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2FAC08C7C1C3549DB3D438EC69E1F9A50487DFAB655530EB4E4BFA0C6DA9C93"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21519
Expires: Thu, 15 Sep 2022 22:22:47 GMT
Date: Thu, 15 Sep 2022 16:24:08 GMT
Connection: keep-alive
mc2fsrl.com/img/common/it.png
23.100.63.4 200 OK 16 kB URL HTTP/1.1 mc2fsrl.com/img/common/it.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 20 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 68090377814d42b48e25645db46933d6
3ee80dc69fa167b011ec8e7ecdcadc822e615acf
05fe21ae6da3b9557191b64e791dc4b758a6568aec6ec118d647ad398fdb144d
GET /img/common/it.png HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 09 Nov 2017 14:17:11 GMT
Accept-Ranges: bytes
ETag: "4fa6da6e6559d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 15590
mc2fsrl.com/img/common/ico_arearivenditori.png
23.100.63.4 200 OK 365 B URL HTTP/1.1 mc2fsrl.com/img/common/ico_arearivenditori.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 10 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash c12c00301098c09476e67b36ec4eeac2
435ac32c93daa0e0fdea97d835c4f4285a077d87
96173e6905c0f29830d85613ba7f5fa712871831847e3762751f559071ad15db
GET /img/common/ico_arearivenditori.png HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "fa1098eba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 365
privacy.andytimes.it/privacy/privacy-cookie.min.js
23.100.63.4 200 OK 2.4 kB URL HTTP/1.1 privacy.andytimes.it/privacy/privacy-cookie.min.js
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (5022), with no line terminators
Hash b064b1dc71d4a3733392e8a82bb869c9
18de12219a19fd03867cdf61830b0a3d5412ed49
449b0bae094611b89ae84269d5895b14accdfbee848704ae17afdc5955613dfa
GET /privacy/privacy-cookie.min.js HTTP/1.1
Host: privacy.andytimes.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 20 Nov 2018 07:13:44 GMT
Accept-Ranges: bytes
ETag: "5331db92a080d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 2428
mc2fsrl.com/img/common/logo.png
23.100.63.4 200 OK 13 kB URL HTTP/1.1 mc2fsrl.com/img/common/logo.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 179 x 119, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e60ab50a474c6753dfbba1cca101f03
ceb97564df8b9a98af99075c56391335dfa10ce0
6b84c254077d125ef2526ef026e357a366c0857dd708b0cd048b06ac53948bd9
GET /img/common/logo.png HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "60d598eba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 13118
mc2fsrl.com/img/common/en.png
23.100.63.4 200 OK 16 kB URL HTTP/1.1 mc2fsrl.com/img/common/en.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 20 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 04e35ef8ce800693914e1654e6d7fe47
14967261504d740eab52d0692f3968a0da2b20b4
4782da6fa6427f3d1c8cafa7ab75a6488fc52da36fea7c2cb879f495cdac0efa
GET /img/common/en.png HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 09 Nov 2017 14:17:11 GMT
Accept-Ranges: bytes
ETag: "d41bdb6e6559d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 16414
admin.mc2fsrl.com/writable/635884680275662628_carp_ico_gray.png
23.100.63.4 200 OK 859 B URL HTTP/1.1 admin.mc2fsrl.com/writable/635884680275662628_carp_ico_gray.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a5f26edfb33e248b6c2ac7d8e7163fd
460c48d9f5c384fced574f7bbd72eb8584b64957
cb6978affa1514377b093cece638033d071f853e58c1ff73bbfc16b0f1ab0e3d
GET /writable/635884680275662628_carp_ico_gray.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:28:32 GMT
Accept-Ranges: bytes
ETag: "239c922a14fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 859
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mc2fsrl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:26:57 GMT
expires: Thu, 14 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 75431
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mc2fsrl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:28:30 GMT
expires: Thu, 14 Sep 2023 19:28:30 GMT
cache-control: public, max-age=31536000
age: 75338
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc2fsrl.com/img/pag_statiche/img_chisiamo.jpg
23.100.63.4 200 OK 22 kB URL HTTP/1.1 mc2fsrl.com/img/pag_statiche/img_chisiamo.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 471x289, components 3\012- data
Hash 4fc7d2820136559848c4e3f2a4d1f487
b0b05debffdc8a07e6e35998709106e75fd8243c
bfcf786e55dfd1d9e4cd513ae3cadbfdabc2e92cba2c16deafab955b060645be
GET /img/pag_statiche/img_chisiamo.jpg HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "75dd9deba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 22028
mc2fsrl.com/img/home/foto%2015.jpg
23.100.63.4 200 OK 211 kB URL HTTP/1.1 mc2fsrl.com/img/home/foto%2015.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 12:55:58], progressive, precision 8, 960x480, components 3\012- data
Size 211 kB (211199 bytes)
Hash ea513f302bcaaf15dad98fa7ba99cf1a
08101d61efadd0b4668775903d3089f6df0a196d
4c9fbb43b68972ba6bb81e627a353b64b00853d7b578fe6c3a468cac21fd2252
GET /img/home/foto%2015.jpg HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "4c949beba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 211199
privacy.andytimes.it/Privacy/Privacy.css
23.100.63.4 200 OK 782 B URL HTTP/1.1 privacy.andytimes.it/Privacy/Privacy.css
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash aa09bc5e4d6fc2cd044c3e0b2e3dffca
89e04d03d12353e8a29688f6b95cafa33cf79ffa
eef160e7727514ccd1eef0f5881d81b06b640dcdece05364a8f7dbf7a1a453b0
GET /Privacy/Privacy.css HTTP/1.1
Host: privacy.andytimes.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2016 13:17:51 GMT
Accept-Ranges: bytes
ETag: "8033131e89e2d11:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 782
mc2fsrl.com/img/home/foto%2014.jpg
23.100.63.4 200 OK 187 kB URL HTTP/1.1 mc2fsrl.com/img/home/foto%2014.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 12:54:14], progressive, precision 8, 960x480, components 3\012- data
Size 187 kB (186708 bytes)
Hash 2ce75bca409d125641d4ab44baefb9e6
956c46fb1f4d5b21ff5a6867a40b4cae99627a47
0a2d80122446228412adb2d882c4fad8f096d95b61308141961a113471b09c71
GET /img/home/foto%2014.jpg HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "89459beba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 186708
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:24:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc2fsrl.com/img/common/ico_fb.png
23.100.63.4 200 OK 629 B URL HTTP/1.1 mc2fsrl.com/img/common/ico_fb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dd0b4b72b910a7d3a62b78fc488c3f0
64adf868d226f482e9b8f075093eefd0be1237aa
c3ae0c95f0b557fcf2364760f55ec7d8aaa6b854ed3fadf9c8274c728a06aa50
GET /img/common/ico_fb.png HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/styles/style.css
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "195f98eba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 629
mc2fsrl.com/img/common/bg_menu_ist.gif
23.100.63.4 200 OK 47 B URL HTTP/1.1 mc2fsrl.com/img/common/bg_menu_ist.gif
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 50\012- data
Hash 384fd4f93a0fc9ef7bb708769d320727
3338e21d2732dd15d6f60e0abf87807bf03be7d4
6f74667cedac88ce9f705963577e001ffc5363bd437b7dfbb1f2f0320dd9aa41
GET /img/common/bg_menu_ist.gif HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/styles/style.css
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "d1c297eba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 47
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600
IP 142.250.74.10:0
Hash 95081143c5af6d01d4893cb2e7298cca
dc9825dd0c0769a85c691251918f829c78d0485c
d67d0a57377797d093a7aa359f1d4fd98f6a1721409b083d2e52db5081e99e43
GET /css?family=Source+Sans+Pro:300,400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 16:24:07 GMT
date: Thu, 15 Sep 2022 16:24:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mc2fsrl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:26:57 GMT
expires: Thu, 14 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 75431
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
admin.mc2fsrl.com/writable/635884679641607897_aria_ico_gray.png
23.100.63.4 200 OK 2.0 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635884679641607897_aria_ico_gray.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 318a0a102ff7265fbb8966e927ce0488
a9b9229c7100857189ed701bc9f153199a6af7f4
db0f67c65e2917e9f408d32d7bc0141920ba48901074f78343270005d0dd28e2
GET /writable/635884679641607897_aria_ico_gray.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:27:28 GMT
Accept-Ranges: bytes
ETag: "d5e1c7dca04fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1972
consent.cookiebot.com/b64e16ba-d247-4610-8dfb-f3c9e7e97289/cdreport.js?referer=https%3A%2F%2Fmc2fsrl.com%2Fdefault.aspx
104.69.222.104 200 OK 2.9 kB URL HTTP/2 consent.cookiebot.com/b64e16ba-d247-4610-8dfb-f3c9e7e97289/cdreport.js?referer=https%3A%2F%2Fmc2fsrl.com%2Fdefault.aspx
IP 104.69.222.104:0
ASN #20940 Akamai International B.V.
File type HTML document, Unicode text, UTF-8 text, with very long lines (10022), with CRLF line terminators
Hash 4b9be357186a34bcaad1e937d951f185
76d6674b02e83be0174c3f3bdec9bea6383c4cad
5922b8f0978788d6b0ccd401fd76316f6f240cae126f28b175c830df43e8d483
GET /b64e16ba-d247-4610-8dfb-f3c9e7e97289/cdreport.js?referer=https%3A%2F%2Fmc2fsrl.com%2Fdefault.aspx HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 16:24:08 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 2885
expires: Thu, 15 Sep 2022 16:24:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 15 Sep 2022 16:24:08 GMT
X-Firefox-Spdy: h2
mc2fsrl.com/img/home/btn_prev.png
23.100.63.4 200 OK 1.3 kB URL HTTP/1.1 mc2fsrl.com/img/home/btn_prev.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 28 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c6fdb5ff0275eebdd63b1f25a4b1585
88a6eb82a334211b84d1cc23034b5be9d7281c4b
f8b10c1b995a7093f3651d60f1fffc6244ab588bf4777a6a05afcab69e86522a
GET /img/home/btn_prev.png HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/styles/flexslider.css
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "d1339aeba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1305
admin.mc2fsrl.com/writable/636104836083525118_Trattamento%20aria.jpg
23.100.63.4 200 OK 27 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636104836083525118_Trattamento%20aria.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 16:29:21], baseline, precision 8, 230x140, components 3\012- data
Hash 27f88df8e554cad27d22f0218a09850d
94828e32319e4f30ff1866cdaeb27c35aa028f57
46aa39846b95d3f621ce3f76d345b5053aaba67026675598ca538dc9cddae4d9
GET /writable/636104836083525118_Trattamento%20aria.jpg HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 26 Sep 2016 08:46:48 GMT
Accept-Ranges: bytes
ETag: "fed5aa84d217d21:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 26953
admin.mc2fsrl.com/writable/637321488461893777_RED%20I%2025-50%20open.png
23.100.63.4 200 OK 53 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637321488461893777_RED%20I%2025-50%20open.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGB, non-interlaced\012- data
Hash 7d104d9a398c26f9ffbc5f7f88e6d618
0eaff2c59ed8b0e83989bb8b66ac1e817f10fd7f
b0ddf4da116ecf3b1b57ad02d91869d7425e37cf13fd50f9ab4310f753b6b40f
GET /writable/637321488461893777_RED%20I%2025-50%20open.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 04 Aug 2020 12:40:46 GMT
Accept-Ranges: bytes
ETag: "91c07e795c6ad61:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 52949
admin.mc2fsrl.com/writable/635884680041691543_ric_ico_gray.png
23.100.63.4 200 OK 1.3 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635884680041691543_ric_ico_gray.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash a90d1605207d3a27ec2fa05749c204a2
4afa5061ba00a63d7908f5fd8dbe15394e3c50ad
f56f34f6842cbbe2fc3c24e74b9dae19aa81d60cf63712ee5f093b38d6cbafdf
GET /writable/635884680041691543_ric_ico_gray.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:28:08 GMT
Accept-Ranges: bytes
ETag: "464fa0f4a04fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1252
mc2fsrl.com/img/home/btn_next.png
23.100.63.4 200 OK 1.3 kB URL HTTP/1.1 mc2fsrl.com/img/home/btn_next.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 28 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 027e15c7b659c454bd0ca22509987039
6cc6bc5b9096e911a22171dcdd6268258cf5e67a
706a068ce4123e079a5142d19a9f207875a52caa7cdb5f51463333d96cddf2f0
GET /img/home/btn_next.png HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/styles/flexslider.css
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "c0c9aeba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1324
mc2fsrl.com/img/home/btn_als_prev.gif
23.100.63.4 200 OK 245 B URL HTTP/1.1 mc2fsrl.com/img/home/btn_als_prev.gif
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 28 x 28\012- data
Hash afd61ba24c860a0340fac8495d7fb7b3
0de1eae84dbacc70d0fae698390e8d7c347571a7
f1ff72e9277fdc1f9146cb74ef5c5bec5d19a963a46469b218532ea8e528f3ea
GET /img/home/btn_als_prev.gif HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/styles/slick-theme.css
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "afe599eba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 245
admin.mc2fsrl.com/writable/636995824742332901_RED%20C%2015-30%20VERTICALE%20open%20SFb.png
23.100.63.4 200 OK 42 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636995824742332901_RED%20C%2015-30%20VERTICALE%20open%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 1df8b9908c664a6c6019d56ac3479506
d69ac4100a6fdf0c73db2c5e53b52ed5ff121b38
b1f631d29f651d81d1f702b388b0fb41790117ee20e24a67134897819b992d6f
GET /writable/636995824742332901_RED%20C%2015-30%20VERTICALE%20open%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Jul 2019 14:27:54 GMT
Accept-Ranges: bytes
ETag: "e5a92cfb2b42d51:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 42537
mc2fsrl.com/img/home/foto%2013.jpg
23.100.63.4 200 OK 148 kB URL HTTP/1.1 mc2fsrl.com/img/home/foto%2013.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 12:52:16], progressive, precision 8, 960x480, components 3\012- data
Size 148 kB (147820 bytes)
Hash 62b55c7d6ed2688ef00bfd17c7af3518
a4dc395f29ff123861f95817aa8c5674c399a386
d101b4a197d208de48eb984b162f7e64cdb943b6923d392b4000bdd5c2f6112a
GET /img/home/foto%2013.jpg HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "23f79aeba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 147820
consent.cookiebot.com/uc.js?cbid=b64e16ba-d247-4610-8dfb-f3c9e7e97289
104.69.222.104 200 OK 31 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=b64e16ba-d247-4610-8dfb-f3c9e7e97289
IP 104.69.222.104:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash bfd5d0da3a9fa6771af0a51a693752ba
89714adfe7ccb0273694a820f1987ea9a64fdac8
25aef9f0356f966fa85489dc0252fc78179bf3900a654f0a2d521a651df1cd4a
GET /uc.js?cbid=b64e16ba-d247-4610-8dfb-f3c9e7e97289 HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 07:31:36 GMT
accept-ranges: bytes
etag: "aeea9f60c2b6d81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31207
cache-control: public, max-age=552
expires: Thu, 15 Sep 2022 16:33:20 GMT
date: Thu, 15 Sep 2022 16:24:08 GMT
X-Firefox-Spdy: h2
mc2fsrl.com/img/home/btn_als_next.gif
23.100.63.4 200 OK 374 B URL HTTP/1.1 mc2fsrl.com/img/home/btn_als_next.gif
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 29 x 28\012- data
Hash dbb6f6e9ceeedef14e8d605fb8c7dc8f
5daf03adfdc08e9a7bfb3d1446ce55b1c7d6e804
5846065f60084175400cda8e6fe96e91e7a00a8de0380e2e9ad7c9024380d935
GET /img/home/btn_als_next.gif HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/styles/slick-theme.css
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "8c099eba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 374
admin.mc2fsrl.com/writable/635889019047050854_distribaria.jpg
23.100.63.4 200 OK 26 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635889019047050854_distribaria.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 15:31:49], progressive, precision 8, 230x140, components 3\012- data
Hash 0ea77b79f00bd2d755499aa314a152ee
f0ae09daedd5e315ab1b9a8edae551900a93da84
93bbe5458bc988228796c0bde190cdcd4b9e9be1166d8eb9ecbfc5f917bfff69
GET /writable/635889019047050854_distribaria.jpg HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 20 Jan 2016 15:00:57 GMT
Accept-Ranges: bytes
ETag: "67c5365e9353d11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 26427
admin.mc2fsrl.com/writable/637175233844865482_RED%20C%2025-50%20open.png
23.100.63.4 200 OK 35 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637175233844865482_RED%20C%2025-50%20open.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash ce14d8fa31ddcb2f4b44904537080da2
854508c6423672eff0941c20c996c2d9654f3ce1
0c2b75e570c6ab82aa3f6804892e1747046b451d127bffd1e06eac675f2110ae
GET /writable/637175233844865482_RED%20C%2025-50%20open.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 17 Feb 2020 07:03:04 GMT
Accept-Ranges: bytes
ETag: "ca81c44c60e5d51:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 35392
admin.mc2fsrl.com/writable/635889019153322852_carpleggera.jpg
23.100.63.4 200 OK 25 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635889019153322852_carpleggera.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 15:30:45], progressive, precision 8, 230x140, components 3\012- data
Hash 30cfe095d8ff98c969005682919da845
c0fac714f7245a0d850b2410cc87c07e88fd161e
840f4d51d6fbc7dfcc9bf126f9e9b243fdb3b191b17f8189ed389dbdb3b398a0
GET /writable/635889019153322852_carpleggera.jpg HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 20 Jan 2016 15:01:08 GMT
Accept-Ranges: bytes
ETag: "e04c8c649353d11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 24877
admin.mc2fsrl.com/writable/636996407967571989_RED%20C%2025-50%20VERTICALE%20open%20SFb.png
23.100.63.4 200 OK 44 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636996407967571989_RED%20C%2025-50%20VERTICALE%20open%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ca482ab42b32a8caea5ceb965c74908
500ccf1b4f6aeaa9e392e3120e4915ba219ae0a9
59e74a833267a64dc3da99984d984b609e9c0ac2225922c2d4bdcde9ba9e4e9e
GET /writable/636996407967571989_RED%20C%2025-50%20VERTICALE%20open%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 25 Jul 2019 06:39:56 GMT
Accept-Ranges: bytes
ETag: "15901bc6b342d51:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 43614
mc2fsrl.com/img/ajax-loader.gif
23.100.63.4 200 OK 4.2 kB URL HTTP/1.1 mc2fsrl.com/img/ajax-loader.gif
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /img/ajax-loader.gif HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/styles/slick-theme.css
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "db7597eba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 4178
admin.mc2fsrl.com/writable/637907159233983263_RED%20I%2015-60%20open%20SFb.png
23.100.63.4 200 OK 583 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637907159233983263_RED%20I%2015-60%20open%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1038 x 1038, 8-bit/color RGBA, non-interlaced\012- data
Size 583 kB (583324 bytes)
Hash 8ac9f43f1d576ef91cbe65ee03b0e8f4
0bcff245d101fc9145be5296627b16cf83d584f7
147f9e3e03deebccfc2128540421b17a9ce33d7dee94745a099f3bdd25ddb990
GET /writable/637907159233983263_RED%20I%2015-60%20open%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 13 Jun 2022 09:18:43 GMT
Accept-Ranges: bytes
ETag: "1f23d29367fd81:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 583324
mc2fsrl.com/img/home/foto%2016.jpg
23.100.63.4 200 OK 170 kB URL HTTP/1.1 mc2fsrl.com/img/home/foto%2016.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 12:59:01], progressive, precision 8, 960x480, components 3\012- data
Size 170 kB (170098 bytes)
Hash 134c2d28cbd7fa599065c0bb780433d0
86677d30d095ef60f542c91dad93b61e8550473e
00a71d063675f94ab58bf18469887044c84d012b1a2d80b25bbba5fb19f88242
GET /img/home/foto%2016.jpg HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 07 Nov 2017 08:17:58 GMT
Accept-Ranges: bytes
ETag: "7fe19beba057d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 170098
admin.mc2fsrl.com/writable/636108195395325752_UVC%2080%20H%20SFb.png
23.100.63.4 200 OK 29 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636108195395325752_UVC%2080%20H%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash ff4aca6da35c1e93d0d2dc43b60a30b4
2547a0e8bc4fd518fe19ed27c3ff0b64b3a7df98
414a7e386fb5dce3032ac6d75b13d3019294eaad750250fe7d6a9a500e5cc93a
GET /writable/636108195395325752_UVC%2080%20H%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 30 Sep 2016 06:05:39 GMT
Accept-Ranges: bytes
ETag: "38ff40abe01ad21:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 29393
admin.mc2fsrl.com/writable/635889018783808045_acustica.jpg
23.100.63.4 200 OK 24 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635889018783808045_acustica.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 15:29:30], progressive, precision 8, 230x140, components 3\012- data
Hash 38c027a875d691c9d50ac44565601f07
7ec6f2beb28ddd8322d7f21eedafbf611a982097
1d6f0c90a35ebae79437bbba68b9cb69266aeb736c8b966dd7928dcae3caf4b7
GET /writable/635889018783808045_acustica.jpg HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 20 Jan 2016 15:00:31 GMT
Accept-Ranges: bytes
ETag: "652c894e9353d11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 23515
admin.mc2fsrl.com/writable/637175239553261614_RED%20C%2015-30%20open.png
23.100.63.4 200 OK 36 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637175239553261614_RED%20C%2015-30%20open.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 42ee7ec979b29261a3841f52ddea3526
60a16b81bf1013684ce35987f20c9d791ed57b3b
84df07337f21dedfe251b397052c9cd0aaeba2fb7e1c848cfb0ef888ad9c336d
GET /writable/637175239553261614_RED%20C%2015-30%20open.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 17 Feb 2020 07:12:35 GMT
Accept-Ranges: bytes
ETag: "7b1a6a161e5d51:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 36504
admin.mc2fsrl.com/writable/635884679868477823_aud_ico_gray.png
23.100.63.4 200 OK 1.3 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635884679868477823_aud_ico_gray.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 899dc40b4470e48a1872d96675f2fb2f
e5ade127bb161ab27694eb40a09e481b3a579923
2b7b41450b5214d0af392744a606f05cff07057969f64fb166373052e1509f82
GET /writable/635884679868477823_aud_ico_gray.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:27:51 GMT
Accept-Ranges: bytes
ETag: "83b34deaa04fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1313
admin.mc2fsrl.com/writable/637522719909225863_UVC%2015%20H%20JOLLY%20ISP.%20FILTRI.png
23.100.63.4 200 OK 29 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637522719909225863_UVC%2015%20H%20JOLLY%20ISP.%20FILTRI.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 65ece6a7d72df0071f76268d91fe9808
bd5403fa58bac464617f987c2811d21b5b9404e3
9597747638715ee45767e7c2636cc99dca67650ffd79fe37e319b9aa8e7779be
GET /writable/637522719909225863_UVC%2015%20H%20JOLLY%20ISP.%20FILTRI.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 25 Mar 2021 11:26:30 GMT
Accept-Ranges: bytes
ETag: "87bd32b46921d71:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 29029
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72 200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31175407
expires: Mon, 11 Sep 2023 12:14:15 GMT
date: Thu, 15 Sep 2022 16:24:08 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
admin.mc2fsrl.com/writable/637527055157041770_IndoorBlock30_1.png
23.100.63.4 200 OK 30 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637527055157041770_IndoorBlock30_1.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 381af30583371331ae21cce4090f96f7
e525f75aa65db36c29f534a18631acd39a774496
593de2334c76935383d608f633394b6b6f46328bde0d58fff641efd9d3f4080c
GET /writable/637527055157041770_IndoorBlock30_1.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 30 Mar 2021 10:51:55 GMT
Accept-Ranges: bytes
ETag: "6a4a56b35225d71:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 29956
admin.mc2fsrl.com/writable/636111077385384508_REC-D8%2050%20EC%20SFb.png
23.100.63.4 200 OK 30 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636111077385384508_REC-D8%2050%20EC%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 27f597c5c5c60158a094482ddd6a5495
e9e3b0f79565f322edeb1fbb23a90992d961b52b
57c697bb37b8879bfa899990101ddaf11cbf173a5c740244c2c818f3ae8f48d6
GET /writable/636111077385384508_REC-D8%2050%20EC%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 03 Oct 2016 14:08:58 GMT
Accept-Ranges: bytes
ETag: "44c741af7f1dd21:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 29554
admin.mc2fsrl.com/writable/636111084766028408_REC-D8%2050%20AC%20SFb.png
23.100.63.4 200 OK 35 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636111084766028408_REC-D8%2050%20AC%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e720483c1173cb7908cd1ebc21282dd0
3f70e46c2557959aedd1e6276bdb6103e3d0b84d
b5f27a08b01996a9448617c108b1052eb245d5f054d0764b52d95dd0b9880f02
GET /writable/636111084766028408_REC-D8%2050%20AC%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 03 Oct 2016 14:21:16 GMT
Accept-Ranges: bytes
ETag: "78122b67811dd21:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 35028
consent.cookiebot.com/b64e16ba-d247-4610-8dfb-f3c9e7e97289/cc.js?renew=false&referer=mc2fsrl.com&dnt=false&init=false
104.69.222.104 200 OK 59 kB URL HTTP/2 consent.cookiebot.com/b64e16ba-d247-4610-8dfb-f3c9e7e97289/cc.js?renew=false&referer=mc2fsrl.com&dnt=false&init=false
IP 104.69.222.104:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65499)
Hash 15bc9321b85a90e61c252aae6f9cf500
34aefd85bc0721504cd84d842ac83ead309732f2
31eba39a7693a451ec12103500108a17f23976ed9c42a91100377423e504487d
GET /b64e16ba-d247-4610-8dfb-f3c9e7e97289/cc.js?renew=false&referer=mc2fsrl.com&dnt=false&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 16:24:08 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 59162
date: Thu, 15 Sep 2022 16:24:08 GMT
X-Firefox-Spdy: h2
admin.mc2fsrl.com/writable/635889042146759700_cassone1.jpg
23.100.63.4 200 OK 58 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635889042146759700_cassone1.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:01:20 16:27:06], progressive, precision 8, 390x390, components 3\012- data
Hash d457cd2a2a3d77b0db2ba37e1baab396
ef156507792df71235fae1a75098461a136f7494
19361152df3a9acff1d958f09e5a36f090358dea3592edace9f5b4fdeef2f84b
GET /writable/635889042146759700_cassone1.jpg HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 20 Jan 2016 15:39:27 GMT
Accept-Ranges: bytes
ETag: "fd731cbf9853d11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 57563
admin.mc2fsrl.com/writable/636105644287121750_VCP.jpg
23.100.63.4 200 OK 21 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636105644287121750_VCP.jpg
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=0, manufacturer=SAMSUNG, model=GT-I9505, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=I9505XXUBMEA, datetime=2014:11:20 15:03:13, width=0], baseline, precision 8, 240x240, components 3\012- data
Hash 586d7b4285a4e38ebd3003fe481d2c57
0f3657be352efaf424a8d4747e181a525390aec9
1be3c3432b7e904e652b33edc5eb5de11256ccdccd194e015ff87379d2ee4965
GET /writable/636105644287121750_VCP.jpg HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 27 Sep 2016 07:13:48 GMT
Accept-Ranges: bytes
ETag: "5695bb18e18d21:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 21013
admin.mc2fsrl.com/writable/636120302700364357_URP%2010%20HS%20SFb.png
23.100.63.4 200 OK 36 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/636120302700364357_URP%2010%20HS%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash b618bea0b82643e31dd3d855a9185246
b022a3571430f460b7bbea598c69bac4abf7ee86
15bb286f96cad48168b77a2b1501c7ed1e5f8fbcf15cd6715ac467df5d6b0d14
GET /writable/636120302700364357_URP%2010%20HS%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 14 Oct 2016 06:24:30 GMT
Accept-Ranges: bytes
ETag: "45b2de9ee325d21:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 35966
admin.mc2fsrl.com/writable/637100155889081323_REC-D8%20800%20EC%20chiusa.bmp
23.100.63.4 200 OK 173 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637100155889081323_REC-D8%20800%20EC%20chiusa.bmp
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PC bitmap, Windows 3.x format, 240 x 240 x 24, image size 172800, resolution 3780 x 3780 px/m, cbSize 172854, bits offset 54\012- data
Size 173 kB (172854 bytes)
Hash d1d2fc9add9adf11bb0d51ee69062daa
5166b07418dc0b7516b6ba2f3c23f07341c3328e
6250fa3bd3695dc9c46650cd933824146369af9a4d6baaa8c4644d57a82aed9a
Analyzer Verdict Alert fortinet Phishing
GET /writable/637100155889081323_REC-D8%20800%20EC%20chiusa.bmp HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/bmp
Last-Modified: Fri, 22 Nov 2019 09:33:08 GMT
Accept-Ranges: bytes
ETag: "ebf3e1d917a1d51:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 172854
admin.mc2fsrl.com/writable/637552815994640487_Immagine7.png
23.100.63.4 200 OK 173 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637552815994640487_Immagine7.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 750 x 750, 8-bit/color RGBA, non-interlaced\012- data
Size 173 kB (173310 bytes)
Hash 1a803b24af3d4ab914b450f80e0875f0
679fcf2948bb112201f1c28a168df5763dca9c08
46c813c3a1c6da55598ee4a199999cfc972473bb16662746ff3724e4b80c7391
GET /writable/637552815994640487_Immagine7.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Apr 2021 06:26:39 GMT
Accept-Ranges: bytes
ETag: "d19ee9cc03cd71:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 173310
admin.mc2fsrl.com/writable/635884680275722628_carp_ico_red.png
23.100.63.4 200 OK 875 B URL HTTP/1.1 admin.mc2fsrl.com/writable/635884680275722628_carp_ico_red.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 6112506e8cdce0a40fcffec69a0f2288
1680fde7d36f22701996d3cc70ea6ba52c8bf062
8f0f2698ad4c890de4e1d5426e77a04e5531d45e4d65656b2b31d56da98bf0f6
GET /writable/635884680275722628_carp_ico_red.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:28:32 GMT
Accept-Ranges: bytes
ETag: "da5a932a14fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 875
admin.mc2fsrl.com/writable/635884679641607897_aria_ico_red.png
23.100.63.4 200 OK 2.0 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635884679641607897_aria_ico_red.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash 3ae5d82a9419334929a6886564779f31
3f382ca17ca8427e5902c845b0f76131631ca4f6
0bb1e20759dee52b357c9c0970fbcb9c90a67afeebed5c30045a8e5817cfc2a6
GET /writable/635884679641607897_aria_ico_red.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:27:28 GMT
Accept-Ranges: bytes
ETag: "1f86c8dca04fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 2001
admin.mc2fsrl.com/writable/637026920225503942_VCD-EC_3.bmp
23.100.63.4 200 OK 173 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637026920225503942_VCD-EC_3.bmp
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PC bitmap, Windows 3.x format, 240 x 240 x 24, image size 172800, resolution 4331 x 4331 px/m, cbSize 172854, bits offset 54\012- data
Size 173 kB (172854 bytes)
Hash 27d535759dc38edda73cfa498327997d
d36b47948db3a586d0aee63345b6fd3d698e5da0
839c8aac19e3c48a8fba679ed42343f2189359a03e96905774e2e453941d2e32
Analyzer Verdict Alert fortinet Phishing
GET /writable/637026920225503942_VCD-EC_3.bmp HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/bmp
Last-Modified: Thu, 29 Aug 2019 14:13:42 GMT
Accept-Ranges: bytes
ETag: "c62a67f6735ed51:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 172854
admin.mc2fsrl.com/writable/637267929226877757_1.bmp
23.100.63.4 200 OK 173 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637267929226877757_1.bmp
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PC bitmap, Windows 3.x format, 240 x 240 x 24, image size 172800, resolution 3780 x 3780 px/m, cbSize 172854, bits offset 54\012- data
Size 173 kB (172854 bytes)
Hash 46961a31cda639c3562bf260e3f6c86f
c74418674955fd9160d548cc7a43e6433d9b0cc9
1083cc96682d828c06d619affdd100532fc4121de19bbede304ef45be77ae984
Analyzer Verdict Alert fortinet Phishing
GET /writable/637267929226877757_1.bmp HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/bmp
Last-Modified: Wed, 03 Jun 2020 12:55:22 GMT
Accept-Ranges: bytes
ETag: "3d4b513ea639d61:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 172854
admin.mc2fsrl.com/writable/635884679868477823_aud_ico_red.png
23.100.63.4 200 OK 1.3 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635884679868477823_aud_ico_red.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 413637652680446c5cd0dd44ec3b2fb0
25eee1641d8e66c140e18cf28325ecab985ddae8
d731bc7c84e19f9a499679bbb97f244f52508d033fcff6b4c4031a25d9b60651
GET /writable/635884679868477823_aud_ico_red.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:27:51 GMT
Accept-Ranges: bytes
ETag: "ec6e4eeaa04fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1309
admin.mc2fsrl.com/writable/635884680041741557_ric_ico_red.png
23.100.63.4 200 OK 1.3 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/635884680041741557_ric_ico_red.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c535a05d96d7f63b38c2d8fff0d50bc2
b0606d762acd56ef0ac448baea9356c165b3facb
00d2785748c4a6dfac779522cd57961ed2fa6589b25439a2f0f3c7f40d28c79e
GET /writable/635884680041741557_ric_ico_red.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2016 14:28:08 GMT
Accept-Ranges: bytes
ETag: "d7ca1f4a04fd11:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1313
mc2fsrl.com/favicon.ico
23.100.63.4 404 Not Found 1.2 kB IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /favicon.ico HTTP/1.1
Host: mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/default.aspx
Cookie: ASP.NET_SessionId=bndugiowcmkz0bbhc1bhdqba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.0
X-Powered-By: UrlRewriter.NET 1.7.0, ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 1245
privacy.andytimes.it/Privacy/privacy-cookie.ashx
23.100.63.4 200 OK 0 B URL HTTP/1.1 privacy.andytimes.it/Privacy/privacy-cookie.ashx
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Privacy/privacy-cookie.ashx HTTP/1.1
Host: privacy.andytimes.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 55
Origin: https://mc2fsrl.com
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.0
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:39 GMT
Content-Length: 0
admin.mc2fsrl.com/writable/637907158251463977_RED%20I%2015-30%20open%20SFb.png
23.100.63.4 200 OK 301 kB URL HTTP/1.1 admin.mc2fsrl.com/writable/637907158251463977_RED%20I%2015-30%20open%20SFb.png
IP 23.100.63.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 736 x 736, 8-bit/color RGBA, non-interlaced\012- data
Size 301 kB (300811 bytes)
Hash 67070e22279e1cae2980888c20773126
817023e3444036f2bab47446695747a4b1fcd0b0
a56a394b83db349212f339079b0dcd6c32565d11c7ef48b1a1949ed3c94917e1
GET /writable/637907158251463977_RED%20I%2015-30%20open%20SFb.png HTTP/1.1
Host: admin.mc2fsrl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc2fsrl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 13 Jun 2022 09:17:05 GMT
Accept-Ranges: bytes
ETag: "2915425967fd81:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 15 Sep 2022 16:23:38 GMT
Content-Length: 300811
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3862
Expires: Thu, 15 Sep 2022 17:28:30 GMT
Date: Thu, 15 Sep 2022 16:24:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3862
Expires: Thu, 15 Sep 2022 17:28:30 GMT
Date: Thu, 15 Sep 2022 16:24:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:28 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 64720
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:04 GMT
age: 67324
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 6a307dbf-af18-4b40-a2c4-cda4a6e302d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLe84HUzIAMFkUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631adeb8-166dc8b954f4e5b50a0843de;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 06:35:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qQaQeJRgo5OcpjqbzgyZQCl-pYpvj6P_aoB07WGfV0YXyZqv4AQNCg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:17 GMT
age: 67311
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vlo8vCUrKDtvhAGHSYKMmPk-wVNgx9OlU3ZVrpgG0tgk8ZBllAtXNQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:58 GMT
age: 72130
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0nTpbTo79RT78Sin1pTWaq4pRKWZyqnBkZCT2p66wWoW-A1OScJmIg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:09 GMT
age: 72179
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: g4LYoK2-sx5QTvWPxwsh8yhHjOswmtzMB6d4N9YAvQOvspuvSFbJOA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:17:07 GMT
age: 65221
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f42b72c3fd66a6758ebcf0ca8cc1a046
13d42d455f5131b7b861b97eb3f0e91236d4d222
4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10633
x-amzn-requestid: 2a8ec7f2-8704-440e-9966-ae4643d6aa5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YdyhcF6RIAMFTEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322313c-4d1bfab72580e62231978193;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 19:53:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Dr0K5GobFSc2ooWzPsbe6tfoTbF_NglaVuT8z-cM-B0AufMh_PohhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 72182
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2