r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11264
Expires: Mon, 14 Nov 2022 15:46:52 GMT
Date: Mon, 14 Nov 2022 12:39:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5295
Cache-Control: max-age=170424
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:08 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:59:32 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.lmlenzitrasporti.com/page1/rola/posten/
62.149.140.201200 OK 311 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (13785)
Size 311 kB (311417 bytes)
Hash 504601642f169a3af366d64b51f6dfa1
5cd8b2af1eeab2c6e7f0d25687f0dae82b158fae
e05e1a1624dccd5d3b039752357693ff3dde1d6fbb9b00b8c24197d792ab2de2
Analyzer Verdict Alert openphish Posten Norge
fortinet Phishing
GET /page1/rola/posten/ HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:08 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:26:11 GMT
ETag: "e418da5b-4c079-5bc73b1a7c2e9"
Accept-Ranges: bytes
Content-Length: 311417
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 11:44:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3274
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7142
Expires: Mon, 14 Nov 2022 14:38:10 GMT
Date: Mon, 14 Nov 2022 12:39:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lEeMslWk8hOJ8ph5V43u2iYkDJNhAH4hT62iFC20H3oL4WcOq9VtgZAOQd9dGZ6O8PU0c2b91Q4=
x-amz-request-id: KF44A1EHJ77VXDER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 12:13:51 GMT
age: 1517
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=49775
date: Mon, 14 Nov 2022 12:39:08 GMT
X-Firefox-Spdy: h2
www.lmlenzitrasporti.com/page1/rola/posten/file/new-style.css
62.149.140.201200 OK 70 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/new-style.css
IP 62.149.140.201:0
File type ASCII text, with very long lines (306), with CRLF line terminators
Hash 73a653cde1e623ed4821fc349af9acd4
ebe859b1e01486b5b0f891c189b7dd6f5e5e0acb
c114ac82e20a42a83b74b5cc501010ee1e43f8fd4ef83a79421fd6677891ea7d
GET /page1/rola/posten/file/new-style.css HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:08 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
ETag: "e7837a69-11366-5bc739c3ce643"
Accept-Ranges: bytes
Content-Length: 70502
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/css
cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
176.31.232.62200 OK 1.2 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
IP 176.31.232.62:0
Hash e8b5e4d5eb0df11eb339ba959520b978
24777a5efa576aec4026ff30bcf4fd6ecd81b003
2650ffdcb2bf4147d062825fee353bd86e80c1f1c22c0b29ea856fdd3213e0a3
GET /static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
content-length: 1210
last-modified: Mon, 02 Sep 2019 15:03:52 GMT
etag: "5d6d2f58-4ba"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
176.31.232.62200 OK 3.3 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
IP 176.31.232.62:0
File type ASCII text, with CRLF line terminators
Hash a8935f51f8ca663bf3a18d4b1da31bf7
6f2e6f9c21ced7020e6d8c73c2e8ad71d797aa9d
cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303
GET /static/shop/common/css/validationEngine.jquery.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
content-length: 3334
last-modified: Fri, 14 Aug 2015 20:41:08 GMT
etag: "55ce5264-d06"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tienda.correos.es/css/common-dynamic.css
94.23.87.92200 OK 717 B URL HTTP/1.1 tienda.correos.es/css/common-dynamic.css
IP 94.23.87.92:0
File type ASCII text, with CRLF line terminators
Hash 45bca144e962bb998d9d807e54e521c3
63beb9c869ed56068010f501fde069d8e02164d7
31dda737e3779db2e9efd81ab860e724f61738acce5b10558cb6c56c76daf544
GET /css/common-dynamic.css HTTP/1.1
Host: tienda.correos.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: server
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Backend: 3
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:86EB_5E17575C:01BB_637236EC_15B8A:23F71
X-IPLB-Instance: 35326
Set-Cookie: SERVERID139651=8b65149d|Y3I28|Y3I28; path=/; HttpOnly
Cache-control: private
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt
62.149.140.201200 OK 30 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt
IP 62.149.140.201:0
File type ASCII text, with very long lines (1994), with CRLF line terminators
Hash de7af9d1087edf65499fa8ce40a3c986
1596691629bae9f57063992bdf1af732d447559a
324573528cdc2d00cee54159016323477090223630c684b4cc46b9e437cb13c8
Analyzer Verdict Alert fortinet Phishing
GET /page1/rola/posten/file/f.txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
ETag: "e695ff40-742e-5bc739c3c711f"
Accept-Ranges: bytes
Content-Length: 29742
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/plain
tienda.correos.es/css/common-dynamic.css
94.23.87.92200 OK 717 B URL HTTP/1.1 tienda.correos.es/css/common-dynamic.css
IP 94.23.87.92:0
File type ASCII text, with CRLF line terminators
Hash 45bca144e962bb998d9d807e54e521c3
63beb9c869ed56068010f501fde069d8e02164d7
31dda737e3779db2e9efd81ab860e724f61738acce5b10558cb6c56c76daf544
GET /css/common-dynamic.css HTTP/1.1
Host: tienda.correos.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: server
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Backend: 1
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:86EB_5E17575C:01BB_637236ED_15B8B:23F71
X-IPLB-Instance: 35326
Set-Cookie: SERVERID139651=c80001a3|Y3I28|Y3I28; path=/; HttpOnly
Cache-control: private
cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
176.31.232.62200 OK 2.4 kB URL HTTP/2 cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
IP 176.31.232.62:0
File type PNG image data, 175 x 30, 8-bit/color RGBA, interlaced\012- data
Hash ad8f5552abb3d774a9c23cf3b0c9272b
4fc71ddac34c0b7438effc6883956ba2149a6a0c
984461e2d55896f29bb79d75b8ab42c1f8c4111bd2fb0c5f03dbc50d1b24b894
GET /static/logos/correos-paq-72-mini.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:09 GMT
content-type: image/png
content-length: 2373
last-modified: Mon, 03 May 2021 17:05:44 GMT
etag: "60902d68-945"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:09 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/logos/correos-paq72.png
176.31.232.62200 OK 2.0 kB URL HTTP/2 cdn.mycomandia.com/static/logos/correos-paq72.png
IP 176.31.232.62:0
File type PNG image data, 128 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 567c7f32c85fe6ca5625f95403eb05e9
ef5da723f8b205d4f75bcb2b63b6e948fa25f330
5d2fb215dbbcbfd1bd663a0cdeaf31c63abde8c6f20aa63551733ebc498bf605
GET /static/logos/correos-paq72.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:09 GMT
content-type: image/png
content-length: 1976
last-modified: Mon, 07 Sep 2020 20:01:44 GMT
etag: "5f5691a8-7b8"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:09 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt
62.149.140.201200 OK 1.5 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt
IP 62.149.140.201:0
File type ASCII text, with very long lines (1529), with no line terminators
Hash f63ac3d276b7077a987675d6006a39dd
a226c5e9acbafd79dab86c1018c274a879cdb5a1
ea0ff8a36f44af31d5379e7c0a28551018e697d4d424f9f31cdd37ed8891616d
Analyzer Verdict Alert fortinet Phishing
GET /page1/rola/posten/file/1(1).txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:11 GMT
ETag: "e695ff38-5f9-5bc739c3bdcc3"
Accept-Ranges: bytes
Content-Length: 1529
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: text/plain
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
62.149.140.201404 Not Found 254 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8877e598a6957ca70e7b238164b24a68
b2fda5b285d164fb3e1a5dbb593973f4b15718ce
644f34ea4ea6eaafc581645e50be26e8d08ba87224fea1d13f5d1b1ff438033d
GET /_/asset/no.posten.website:1594301215/css/postenstyle.css HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 254
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
62.149.140.201404 Not Found 247 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b19b643f388e39168fb9924cc50f99b
eb13aa00e08744f4066de55dc2c59c1960c99110
34a5b64299a36157c0a5f7cbe970243aa1fc0113e8e5c74b0c5731ea3134ce39
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 247
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
62.149.140.201404 Not Found 248 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f795cb471edbaa7817880a2e73a1a73b
8adf12001d4b11a01c996a2ff375ae87b6b23aa4
36c6bb8da9872370e4a4cf828514100ccdc3cca6bebb81feb6647bbd989b80f5
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 248
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
siteimproveanalytics.com/js/siteanalyze_6015663.js
172.64.143.34200 OK 13 kB URL HTTP/1.1 siteimproveanalytics.com/js/siteanalyze_6015663.js
IP 172.64.143.34:0
File type Unicode text, UTF-8 text, with very long lines (46126), with no line terminators
Hash 8d34b09483a348aee12efa3ac53237d1
7da6ecc2b915b04cffaa8cce4729f045b14928fa
3eaff7010e8f409a2c3eb1bb86608c66191110f22d6d9ae427fbae37c028db07
GET /js/siteanalyze_6015663.js HTTP/1.1
Host: siteimproveanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 13074
Connection: keep-alive
x-amz-id-2: gENEtPecMLe26Bw56WSHM6K1yBzstMaGLkVRxxRyIVzzfBEVpseztVVHJAyrnUV8xdp8Nw5EYTU=
x-amz-request-id: YHZKZRSAQ69HVXGV
Cache-Control: max-age=86400, no-transform
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 10:21:56 GMT
ETag: "8d34b09483a348aee12efa3ac53237d1"
CF-Cache-Status: HIT
Age: 6446
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI4S8BtzErIZcZA8NLouVv0bYw6ZvuTGyFqsttD72NV0kyRHWdA5yWR%2BunlAMgQzbUmJiUZk4E%2BEPPRrm0CrXS1Vt1FMRNYIO5htTWGuhQrBX3AKP9D%2F82Gi5%2F%2BnFuvemBq1ClyjOHSVnVA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769fceeb8c747743-LHR
alt-svc: h2=":443"; ma=60
www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt
62.149.140.201200 OK 263 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt
IP 62.149.140.201:0
File type ASCII text, with no line terminators
Hash 628aab205fc5a86c455467f9ebcf5e9c
90d8bf119e9c1c3b36d12b96669093bf31575625
c941476875f1024e95df21890a7eb5eddc4acd304a54a8c3b0b033f3356bdaf1
Analyzer Verdict Alert fortinet Phishing
GET /page1/rola/posten/file/1.txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:11 GMT
ETag: "e695ff39-107-5bc739c3be862"
Accept-Ranges: bytes
Content-Length: 263
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/plain
in.taskanalytics.com/00012/tm.js?r=&1595299259690
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259690
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595299259690 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259698
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259698
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595299259698 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
176.31.232.62200 OK 28 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
IP 176.31.232.62:0
Hash a2bc347b69d7b237cce7a105b7db1dab
afeb04a7547ceca59dc386fc1aa6a847c951aabe
163779b58018ea27b0a57fe68432c446e138edd5a8d2cecf1836f031798e4888
GET /static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
last-modified: Mon, 23 Apr 2018 19:31:08 GMT
vary: Accept-Encoding
etag: W/"5ade347c-22485"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595285185398
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css
151.101.85.229200 OK 29 kB URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (54670)
Hash cab4a25d88a7f23bbe46846ffc169ace
d470188177492d7ce663c298301c852a9cfbde59
6971be30d85421291f18493ae6d84494f4fc9cd42d194aefd7197031f730cbe7
GET /npm/@posten/hedwig@11/dist/posten.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"35ae7-VIUJ2giFc9+RlRgcbyfbUh4mbO8"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 10205
x-served-by: cache-fra-eddf8230074-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29077
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css
151.101.85.229200 OK 542 B URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css
IP 151.101.85.229:0
Hash b24719d55767c669113336d8c684644d
24067e2371e11e36586528918e5c7adb7356edb9
ff84dceacce38a1a37e28e25757da04eec677c08070213f46fa0384c375ca2e7
GET /npm/@posten/hedwig@11/assets/fonts.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"855-mRW2/GJzwxRji+sy+ksrjfYsJnE"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 12338
x-served-by: cache-fra19167-FRA, cache-bma1635-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 542
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
176.31.232.62200 OK 9.2 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
IP 176.31.232.62:0
Hash c7d3dfd8ea11238d97b3ede57bbe49e9
3a7f52605ee388f2b24187be4e71fd16165250c0
39e34be53eaf460fe801e758eb6b754a0e493e00e9e1b9828741d9dde7139f4e
GET /static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
last-modified: Mon, 23 Apr 2018 19:31:08 GMT
vary: Accept-Encoding
etag: W/"5ade347c-8ef7"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js
151.101.85.229200 OK 325 B URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (484)
Hash 3cf89faabd93e7347ff136ce46273e50
11e620a5bdd6f53f699c1117f6abfd368275df67
162897c7f4536145c8f704320004aa5b68d7d08c9e080065657fd1dcee4979f8
GET /npm/@posten/hedwig@11/dist/icons.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"1e5-WAbOTOVCBaDeieReJgLvn/XKjp4"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 18759
x-served-by: cache-fra19147-FRA, cache-bma1635-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2
in.taskanalytics.com/00012/tm.js?r=&1595299259862
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259862
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595299259862 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/main.js
151.101.85.229200 OK 55 kB URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/main.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (33341), with NEL line terminators
Hash 85b6190fdaeadf4eefe23d56a6dd737c
94336301dde68a895e3f126fbb30613a7825390b
53492ed7b06c0b33cddf8f28f2321e747aa37cbfbe81992ae4aafee469c5677f
GET /npm/@posten/hedwig@11/dist/main.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"28181-2EKNrg/BGxLC+Dxm4axLofxXAq8"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 18759
x-served-by: cache-fra19165-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55029
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 4cad29d74725714e61a37c3ac8f117c9
7ef22110b2617054b394b0c75ea00bc285df5db9
22f888610503da841e478e40d54f48f115e51b8e42f57fc8d2ee8fc65bc7516b
GET /gtag/js?id=DC-9852050&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 12:39:09 GMT
expires: Mon, 14 Nov 2022 12:39:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 12:25:01 GMT
cache-control: public,max-age=3600
age: 848
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (23428)
Hash 9686503b7d5642e78fee39152a52dedd
e6eb6dbe08d010ea29c6f763cfdb1bc38f6dd207
cf21b8c8ffdda6fed07c2fb390b532008a13e6dd083f286082c21a1fac5a306c
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lmlenzitrasporti.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 12:39:09 GMT
expires: Mon, 14 Nov 2022 12:39:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 8af3a150c8d71c52aa93e553ab576bf5
53537ee37ecc5ac396e4df09d18f6899fdfa1078
53159401f00d7839a26ddb25ba4925e051fef2b3cfac155e272a8f34722f6a31
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "68C54179ECC307DDC05641606269A20E45F7FD8D"
Expires: Mon, 14 Nov 2022 23:00:00 GMT
Last-Modified: Mon, 14 Nov 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 820
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769fceec6a50b51d-OSL
www.lmlenzitrasporti.com/page1/rola/posten/file/js
62.149.140.201200 OK 86 kB URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/js
IP 62.149.140.201:0
File type ASCII text, with very long lines (1578), with CRLF line terminators
Hash 3bc2dba628f72e4cb686cabe461d5817
2e462c205994b0b805bdb67c5270493d4767bbfc
a0244e6ec83e84391c2f82f729629fb848a1d480816753b46e0ab1eed258e516
Analyzer Verdict Alert fortinet Phishing
GET /page1/rola/posten/file/js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
ETag: "e7837a67-150db-5bc739c3cc338"
Accept-Ranges: bytes
Content-Length: 86235
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/plain
in.taskanalytics.com/00012/tm.js?r=&1595299259862
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259862
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595299259862 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259690
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259690
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595299259690 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
in.taskanalytics.com/00012/tm.js?r=&1595299259698
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259698
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595299259698 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 71ce511016c35873398f6ef07fcc93d1
7938922f1a045429a9ff860b4c4687884db180b1
84ba6efae37e39f1aa5b0f9d829a7115a8f0f0c0678e386e95ffad63732160e1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158613
Date: Mon, 14 Nov 2022 12:39:09 GMT
Etag: "6371fcc8-1d7"
Expires: Wed, 16 Nov 2022 08:42:42 GMT
Last-Modified: Mon, 14 Nov 2022 08:31:04 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: u-de9ruaTafUgSDlKTHXs37Uwy-g1dZdwGu7c22gOscTFhdf_li7HA==
Age: 698
www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
62.149.140.201404 Not Found 250 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 4d7d6ba9558b7a14f557bf20672314e0
4f10a42b4073bb897a8452e544b01f81901a657e
633140f227d704ab90634132a6544edf1bcee713564f3487d3f8db388cea644c
Analyzer Verdict Alert fortinet Phishing
GET /page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 250
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3331
Cache-Control: max-age=163403
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:02:32 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595293061872
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061872
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595293061872 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595293061723
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061723
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595293061723 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
62.149.140.201404 Not Found 250 B URL HTTP/1.1 www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 4d7d6ba9558b7a14f557bf20672314e0
4f10a42b4073bb897a8452e544b01f81901a657e
633140f227d704ab90634132a6544edf1bcee713564f3487d3f8db388cea644c
Analyzer Verdict Alert fortinet Phishing
GET /page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 250
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595285185398
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
62.149.140.201404 Not Found 247 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b19b643f388e39168fb9924cc50f99b
eb13aa00e08744f4066de55dc2c59c1960c99110
34a5b64299a36157c0a5f7cbe970243aa1fc0113e8e5c74b0c5731ea3134ce39
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.998631713.1668429548
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 247
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2
176.31.232.62200 OK 2.0 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2
IP 176.31.232.62:0
File type Web Open Font Format (Version 2), TrueType, length 2024, version 1.0\012- data
Hash c1b7ca92614b5e76d59b8b467f1d8dd9
6ada3f43e5b4ec1a77383f2af00dd2b3c990af5c
a92c73eb3e53032a9846ca27c2c579b424b45a893ac814288954762e878b5e1b
GET /static/shop/common/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.lmlenzitrasporti.com
Connection: keep-alive
Referer: https://cdn.mycomandia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:10 GMT
content-type: application/octet-stream
content-length: 2024
last-modified: Mon, 02 Sep 2019 15:03:52 GMT
etag: "5d6d2f58-7e8"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:10 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F?
142.250.74.70200 OK 272 B URL HTTP/2 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (588), with no line terminators
Hash 585e85202fa6ac353710aa60d3a12c35
5e6c245db4f669a885b34d18783346086d2ad998
db086210f191aa5caeaebec22a281d23489227776cec2f01809a3d8b146944a6
GET /activityi;src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 272
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Nov-2022 12:54:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.181.160101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.181.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6YOIaPK43rEBMTe7ZeyE2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qL8VPAvdng/gckWkUqSFgmXGZps=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
62.149.140.201404 Not Found 248 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f795cb471edbaa7817880a2e73a1a73b
8adf12001d4b11a01c996a2ff375ae87b6b23aa4
36c6bb8da9872370e4a4cf828514100ccdc3cca6bebb81feb6647bbd989b80f5
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.998631713.1668429548
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:10 GMT
Server: Apache
Content-Length: 248
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
142.250.74.70200 OK 427 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Hash 7894f56de7efa41c42aab98bd8cd19ba
4a3a8110cc5a2e6deccedda3ac6d00bed188ff10
34c3b01b8c469b58e9933b67e4a12c9dd98ec4daefd4324f0aceb92cf8dd6d44
GET /activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?
142.250.74.70200 OK 379 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (514), with no line terminators
Hash b0d6eab9eab3a20438b0bd13da342a70
134028116c2bead7b536a69aff5cdffbe7cef66c
a10b560c3b8f69897480622085a0ab5675665bff0b3e3f8ead749b3f2535c7dc
GET /activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 379
X-XSS-Protection: 0
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
142.250.74.70200 OK 427 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Hash 78b225543f9ea122bf259d94fd379b4b
cbe260dd69e0791c6479bf8c214f28aa09a41286
e2e8bdcba10a07de068f0c41f8f0c7dd6bfed0b8b0f4aaedae5b263cd70e0362
GET /activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1668429548609
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1668429548609
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1668429548609 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1668429548612
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1668429548612
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1668429548612 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1668429548611
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1668429548611
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1668429548611 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
142.250.74.66200 OK 272 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (587), with no line terminators
Hash 0e5d866a890390344a419fc9dcff8406
6c351b3350936edecbe405694703324e2a45ba9b
8600605b779bf5c2d30faac5e356904819b2633ae25114b883422524a55c37d6
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
142.250.74.66200 OK 251 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (513), with no line terminators
Hash 66bab8b407292b70d4f0f305ec9acacd
4acdd7d1e3e07355322ca7aaf74899a6e67a64a8
fffcc1ee1d9daaab2e3396862ae8e5913226f7da9049f41dad4a15604fc939c9
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
142.250.74.66200 OK 297 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (635), with no line terminators
Hash bc6d6c3a1c420799472640b0a824691d
a5386ff8c52d713dc16ee1630746b76ee6a0c37a
c077749c0272ef956823be09fc24bb8b28c91397ece025c16b8ddfddce8b8806
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
142.250.74.66200 OK 299 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (635), with no line terminators
Hash 73fbf7971c5c280fa659ce0ac803c7ab
15baa8bc86051abe9c8da4d47720b403004d4ec0
5171ae2d45af40b0aa0c09c444ff33f7322ca5d258a1be8e2f00f795d32ef652
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;
54.230.111.85403 Forbidden 243 B URL HTTP/2 vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;
IP 54.230.111.85:0
Hash 91837704cb39cce11910686e21f366de
68a8d78a42570c446a6f5c31669eb6da6167561e
4bccada4eab6cc22fb89b250369d2996feccf0be22173b5cfb2c780c748a7c32
GET /box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important; HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
content-length: 243
date: Mon, 14 Nov 2022 12:39:10 GMT
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YBHDsk-scqw-bAmqJAoSc2TiW27mD2vBPWB20OW60EdhvRBtRjFaYw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
in.taskanalytics.com/00012/tm.js?r=&1668429548819
54.216.252.255403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1668429548819
IP 54.216.252.255:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
GET /00012/tm.js?r=&1668429548819 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2b8683209feb823e1ec2a35199ab8e59
df3e2ff43415b59aa05b9da3a916339585417e2e
522f970372008500095b0a891a3880bd7d4ef689f137dd7ba16049d2177f47f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127459
Date: Mon, 14 Nov 2022 12:39:10 GMT
Etag: "6371743c-1d7"
Expires: Wed, 16 Nov 2022 00:03:29 GMT
Last-Modified: Sun, 13 Nov 2022 22:48:28 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q3WlDAkjGKl9FWK_xpnDjf0QSwAvsN0blceZboaHQ1j65xLA1Dq-tQ==
Age: 4501
6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1259&prev=4e38ae71-4730-465b-e391-719e48102403&luid=12e400e0-9f2d-2f20-d71d-d3af4050d9bf&rnd=41015
18.158.237.5200 OK 34 B URL HTTP/2 6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1259&prev=4e38ae71-4730-465b-e391-719e48102403&luid=12e400e0-9f2d-2f20-d71d-d3af4050d9bf&rnd=41015
IP 18.158.237.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash a82ba3a9d42148e9cf209df13d8c3f3d
dba80835d31175bdcf0bcad1abafefb06d86e304
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
GET /image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1259&prev=4e38ae71-4730-465b-e391-719e48102403&luid=12e400e0-9f2d-2f20-d71d-d3af4050d9bf&rnd=41015 HTTP/1.1
Host: 6015663.global.siteimproveanalytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:10 GMT
content-type: image/gif
content-length: 34
set-cookie: AWSALB=PGt4Xu/UxFxGCFK6FWjjxtsKrap7AIBABR/KSz3PEjOU7pBDVEf2adbFIrt8SdlaS9g08XiNIA1EedF6pBwKxvNvWH70yxcP0MTRvonlPMuv1eijx2YQW8jeR2tl; Expires=Mon, 21 Nov 2022 12:39:10 GMT; Path=/
AWSALBCORS=PGt4Xu/UxFxGCFK6FWjjxtsKrap7AIBABR/KSz3PEjOU7pBDVEf2adbFIrt8SdlaS9g08XiNIA1EedF6pBwKxvNvWH70yxcP0MTRvonlPMuv1eijx2YQW8jeR2tl; Expires=Mon, 21 Nov 2022 12:39:10 GMT; Path=/; SameSite=None; Secure
cache-control: max-age=0
expires: Mon, 14 Nov 2022 12:39:10 UTC
X-Firefox-Spdy: h2
b.scorecardresearch.com/beacon.js
54.230.111.125200 OK 1.9 kB URL HTTP/1.1 b.scorecardresearch.com/beacon.js
IP 54.230.111.125:0
File type ASCII text, with very long lines (3936)
Hash 95ead88a8555078b6f6bb9f697a8a4ec
1fbbfb3a67372b6b034d295a717e6601344e7216
4e0f7c7a56fc7a7bfc3d73b3ea4b4981c676efaaa126b6576e2b4f21eba78a88
GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 14 Nov 2022 01:57:23 GMT
Cache-Control: max-age=86400
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gvM5r6AVe0M7r-ENHiJUCXuf5HtE1DARjy0CrwCbGhftN-uXc2LrmQ==
Age: 38510
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/1.1 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
Pragma: public
Cache-Control: public, max-age=1200
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-FB-Debug: vvGitSgqFZ1d3nZBfEMt28NCGStUmzQb1XI1vtY5q/r7r/Sw3SxCw3gInxO9O7OVAz2cXHlxd2V8NBHMbntKmQ==
X-FB-TRIP-ID: 1904183273
Date: Mon, 14 Nov 2022 12:39:10 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 27337
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Mon, 14 Nov 2022 12:39:10 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-bma1631-BMA
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png
62.149.140.201404 Not Found 310 B URL HTTP/1.1 www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png
IP 62.149.140.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9352f0210a326d4c8efdee61bf8dbb2e
cc254f948eac14e8c985dd2422fa4efa68726580
def264931a1bf02ca3887a87992ff6e1c9c4bc3eefe9d7de1d5b30cd8e20657f
GET /_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.998631713.1668429548; nmstat=4e38ae71-4730-465b-e391-719e48102403
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:10 GMT
Server: Apache
Content-Length: 310
Keep-Alive: timeout=15, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
script.hotjar.com/modules.a1fbf755044ca8f629ba.js
54.230.111.44200 OK 89 kB URL HTTP/2 script.hotjar.com/modules.a1fbf755044ca8f629ba.js
IP 54.230.111.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash db69fc2480d3485a988c1628d311d0c0
82abdfda4d399e9e8032a71f1f962e91ad80860f
7517e0f2be2260c0cd09514fb51ac73f72751caa5e58e4fa5267732f3862b318
GET /modules.a1fbf755044ca8f629ba.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 88758
date: Tue, 04 Oct 2022 09:53:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "db69fc2480d3485a988c1628d311d0c0"
last-modified: Wed, 22 Jul 2020 09:42:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YerKTIxaauHihEn_CRX1kLT0zGHqUlesc453uz6krLcBGD4SM2vXAQ==
age: 3552355
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e80da4d7eecb711fd30395a80a40107
3051e29b919e705dc29bfa4dcf943adfe4f9efb6
f31820520fcfcc11ff412c986d56213def98f4452d47061237cfdc85fa18c2cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=170769
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Etag: "63721bca-1d7"
Expires: Wed, 16 Nov 2022 12:05:19 GMT
Last-Modified: Mon, 14 Nov 2022 10:43:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-bma1631-BMA
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
acdn.adnxs.com/dmp/up/pixie.js
151.101.85.108200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.85.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Nov 2022 12:39:10 GMT
Age: 23991
X-Served-By: cache-lga21930-LGA, cache-bma1626-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 4652
X-Timer: S1668429551.828038,VS0,VE0
Vary: Accept-Encoding
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.5 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12826)
Hash 806d185619a4ef5951ab91810117e4ba
f40031c0ea5718f6d9a0a35e8ca60262daedc440
06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=68071
date: Mon, 14 Nov 2022 12:39:10 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5ad435294061dbdaf662a3169c556d25
df00f159cc18b79d03cb15ee6cbe00c7e86339f2
6da35ce76e5ed3bfd884fa7fba9999890342a83316c051696eb623fe5640f8e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.5 kB URL HTTP/1.1 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash 2b153cb2287eac49566b32fce9c385f8
206074b038daff8bc66d86bca0c5ff35f9f72655
7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
HTTP/1.1 200 OK
date: Mon, 14 Nov 2022 12:37:30 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 21497985
etag: W/"-375139978"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:335C_2E69C9F0:0050_637236EE_C7CB2:88CB
x-iplb-instance: 42305
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-bma1631-BMA
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.174200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 12:29:39 GMT
expires: Mon, 14 Nov 2022 13:29:39 GMT
cache-control: public, max-age=3600
age: 571
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion_async.js
142.250.74.162200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (1654)
Hash 43554e104968194aa58c92a60f87b85f
83b93428a7de45e05dee9935cd267ded8fbe3047
761e05cdcb9af97e1de328b96155b9c5595111aadeb3de62c28a07bfb4c68c71
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2264052217849554208
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-507531.js?sv=7
54.230.111.66200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-507531.js?sv=7
IP 54.230.111.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/hotjar-507531.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: max-age=60
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8uDbMzmzd8IlDnpRGx1fIspWrI_1WvGEkuy5g7LL4jPZGOsizzIY3A==
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 14 Nov 2022 10:41:09 GMT
expires: Mon, 14 Nov 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 7081
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8094f6d66cd067b92b99cc3c1ec916c6
cdb6d27ace38846e7a770dafce189f90a30db886
f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.163200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 11:57:41 GMT
expires: Tue, 14 Nov 2023 11:57:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9
142.250.74.78200 OK 6.2 kB URL HTTP/2 encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9
IP 142.250.74.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 2063951383d22405d0663550e2ed3762
6a256b7cdec8d0e0aaf2c86c17e7cc34693a609e
0fb41ab8877699782e17566fafad17e01b8d04b840db658583cb0d3b9508fff4
GET /images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9 HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 6238
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 07:43:46 GMT
expires: Tue, 14 Nov 2023 07:43:46 GMT
cache-control: public, max-age=31536000
age: 17724
last-modified: Thu, 28 Dec 2017 03:23:06 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 11:25:58 GMT
expires: Tue, 14 Nov 2023 11:25:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 4392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&ct_cookie_present=1
216.58.211.2200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&ct_cookie_present=1
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Nov-2022 12:54:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e80da4d7eecb711fd30395a80a40107
3051e29b919e705dc29bfa4dcf943adfe4f9efb6
f31820520fcfcc11ff412c986d56213def98f4452d47061237cfdc85fa18c2cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=170769
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Etag: "63721bca-1d7"
Expires: Wed, 16 Nov 2022 12:05:19 GMT
Last-Modified: Mon, 14 Nov 2022 10:43:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f155cafc1dce1994f8c5a9c7b43ffcd
53668173c273daf9540e7c5a0aadc11ef246a01e
05a8dd620eac5d494de75b51fc371fb86959551edfcaf87b4eb8ef15df563ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f1e763f44800e4de06d69a3b2af74da
35afe48832221fe42de30260b9bcb15867109031
5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9322
x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvE8DoAMFsiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eUvvtJ48e5eRUJffmsuc9-blgv2dHt-Lsemnf-i8mLQ9CpY0Y94sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:13:29 GMT
age: 51942
etag: "35afe48832221fe42de30260b9bcb15867109031"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 52677
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:14:47 GMT
age: 33864
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
posten.boost.ai/chatPanel/chatPanel.js
34.243.197.63200 OK 503 B URL HTTP/2 posten.boost.ai/chatPanel/chatPanel.js
IP 34.243.197.63:0
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
GET /chatPanel/chatPanel.js HTTP/1.1
Host: posten.boost.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:09 GMT
content-type: application/javascript
server: Apache
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=94608000; includeSubDomains
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
last-modified: Mon, 14 Nov 2022 08:38:48 GMT
etag: "b2b60-5ed6a2b0ce7b5-gzip"
accept-ranges: bytes
cache-control: max-age=600
expires: Mon, 14 Nov 2022 12:49:09 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-headers: content-type, X-Requested-With, accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, X-CSRF-TOKEN, X-XSRF-TOKEN, X-XHR-Logon, x-ms-client-application-name, x-ms-client-request-id, x-ms-client-session-id, x-ms-effective-locale
access-control-max-age: 600
x-robots-tag: noindex
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3659f1b-dbbe-487d-af32-218abe7ac972.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3659f1b-dbbe-487d-af32-218abe7ac972.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 082b39a895ac8ac7bf914d71d71b9dfb
183dd713ee74ac0556c7deebde16a4ccf95d1253
5713277b54fe722f7d6ec72b38e648d7c9efab3223f37ba4bc3a71f3b1eded87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3659f1b-dbbe-487d-af32-218abe7ac972.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10361
x-amzn-requestid: adb2ad3c-fd60-4751-8cd1-7a45055da065
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUQppG9RIAMFrEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b2e3d-7cc68ec108c88af51d358860;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 04:36:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pMrFZg6_xA2Q9vb1tgyV8GyfIoA70aROalMHUmOUxL5vfEQgKVZ2cw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 18:02:03 GMT
age: 67028
etag: "183dd713ee74ac0556c7deebde16a4ccf95d1253"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive
www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1668429549439&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668429549437.1741899964&it=1668429549223&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1668429549439&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668429549437.1741899964&it=1668429549223&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1668429549439&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668429549437.1741899964&it=1668429549223&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Nov 2022 12:39:11 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:52:43 GMT
age: 53188
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lmlenzitrasporti.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa95e3362-3324-487e-af72-a8801904975f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa95e3362-3324-487e-af72-a8801904975f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ceefde63fac8b44410baa7054cbbf39d
bc5a776a90f9ff1c5bd6e3dad0a542d3b73bad88
6e55d25f544d934550970c70a8325886471550d1d4f757610b13800985896ba1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa95e3362-3324-487e-af72-a8801904975f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9663
x-amzn-requestid: ef07bc3a-4907-484b-9113-f00e08442f33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyFUHz6IAMFrXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163bb-1c1a2d0d4aeae314494e4b33;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fWVjU2p0gxiXvlch1JwzoAc7RHvtGt0jTQqb99ERvCfVw7ZUPJz2XQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:04:26 GMT
etag: "bc5a776a90f9ff1c5bd6e3dad0a542d3b73bad88"
content-type: image/jpeg
age: 52485
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1668429549336&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0
185.89.210.244200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1668429549336&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1668429549336&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0
185.89.210.244200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549334&if=0
185.89.210.244200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549334&if=0
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549334&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668429549338&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668429549338&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1668429549338&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&e2e2a7f5-11dd-4dbc-8c74-964dc8d957ac"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 14-Nov-2023 12:39:11 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2430:u=1:x=1:i=1668429551:t=1668515951:v=2:sig=AQHkI4HskKabI8-vUXuGz6eeJ5YhC9ZJ"; Expires=Tue, 15 Nov 2022 12:39:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtbYa8EwJCURTRvyMR5A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 91D4A9AFDC1D4994BD9BBD04304423AD Ref B: OSL30EDGE0312 Ref C: 2022-11-14T12:39:11Z
date: Mon, 14 Nov 2022 12:39:11 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03459ddef8d88ae62546b7794c0f6e93
6d5e07a88581ae3649a2612d762f3ec271cc6084
d09e0a08be0dc4ddbda6aae4b57626afe1bc1410b15af8db9304340a3629d600
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D09E0A08BE0DC4DDBDA6AAE4B57626AFE1BC1410B15AF8DB9304340A3629D600"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8066
Expires: Mon, 14 Nov 2022 14:53:37 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w
192.99.8.34200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w
IP 192.99.8.34:0
File type ASCII text, with no line terminators
Hash 972e5bb98802869ee27a144bf2edf6ff
1a32bb73c3d61540606971d2091dd50d428c8c80
7651715a161dc69f2f9de3a68a8b71bc7a9b8cde16119ccb427ae172be512bb6
GET /stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /EbSbCgZx9/deSF4q9L7K2hyw7ibh1M3iv06NbOLXRhYzLTkM+WOLkkVwS78hk+xjGbp+GoGO+y9E2hTy6vp7Q==
content-length: 27337
x-fb-trip-id: 1904183273
date: Mon, 14 Nov 2022 12:39:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700
IP 142.250.74.10:0
GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 12:39:09 GMT
date: Mon, 14 Nov 2022 12:39:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2