Report - www.lmlenzitrasporti.com/page1/rola/posten/

Report Overview

Submitted URL
www.lmlenzitrasporti.com/page1/rola/posten/
IP
62.149.140.201
ASN
#31034 Aruba S.p.A.
Submitted
2022-11-14 12:39:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
s4.histats.com	12782	2012-05-21T19:14:14Z	2023-03-10T14:01:06Z	598 B	182 B	192.99.8.34
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	404 B	746 B	142.250.74.10
z.moatads.com	374	2014-02-11T17:19:47Z	2023-03-10T05:50:44Z	398 B	1.4 kB	23.38.201.146
acdn.adnxs.com	573	2015-11-11T14:40:40Z	2023-03-10T15:22:50Z	292 B	3.9 kB	151.101.85.108
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-10T12:47:01Z	851 B	4.3 kB	142.250.74.163
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-10T16:21:16Z	737 B	873 B	216.58.211.2
8260928.fls.doubleclick.net	unknown	2017-12-01T13:39:49Z	2023-03-11T10:19:56Z	2.8 kB	4.2 kB	142.250.74.70
encrypted-tbn0.gstatic.com	unknown	2013-05-31T04:32:18Z	2023-03-10T06:12:59Z	462 B	7.2 kB	142.250.74.78
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	61 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
tienda.correos.es	unknown	2018-12-13T09:45:01Z	2023-03-10T15:56:38Z	794 B	2.1 kB	94.23.87.92
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	2.0 kB	124 kB	142.250.74.168
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	368 B	1.9 kB	104.18.21.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
vars.hotjar.com	1014	2020-11-05T11:13:14Z	2023-03-09T18:15:23Z	574 B	788 B	54.230.111.85
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-10T15:35:05Z	392 B	90 kB	54.230.111.44
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-10T11:13:22Z	1.6 kB	88 kB	151.101.85.229
static.ads-twitter.com	614	2018-06-24T00:08:39Z	2023-03-10T09:31:28Z	1.1 kB	17 kB	151.101.84.157
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	710 B	1.3 kB	142.250.74.164
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-10T15:48:12Z	3.1 kB	3.8 kB	142.250.74.66
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-10T05:19:42Z	3.0 kB	4.3 kB	142.250.74.162
6015663.global.siteimproveanalytics.io	unknown	2019-07-01T12:06:58Z	2023-03-10T18:21:32Z	632 B	615 B	18.158.237.5
snap.licdn.com	1044	2014-10-06T10:43:45Z	2023-03-10T10:16:19Z	389 B	4.8 kB	23.36.76.121
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	3.2 kB	93.184.220.29
www.lmlenzitrasporti.com	unknown	2017-04-19T19:52:40Z	2023-02-18T16:35:06Z	5.2 kB	505 kB	62.149.140.201
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.89.181.160
ib.adnxs.com	241	2012-05-20T21:01:49Z	2023-03-10T08:25:07Z	1.7 kB	1.0 kB	185.89.210.244
www.googleadservices.com	107	2012-06-26T16:53:06Z	2023-03-10T16:05:03Z	394 B	16 kB	142.250.74.162
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-10T09:34:35Z	384 B	627 B	54.230.111.66
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	626 B	349 B	31.13.72.36
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	722 B	874 B	142.250.74.3
s10.histats.com	15211	2012-05-21T19:14:14Z	2023-03-10T07:32:48Z	288 B	5.0 kB	46.105.201.240
posten.boost.ai	unknown	2018-11-15T11:19:37Z	2023-03-11T07:25:55Z	381 B	1.4 kB	34.243.197.63
cdn.mycomandia.com	unknown	2017-02-08T17:30:34Z	2023-03-10T15:56:38Z	3.2 kB	51 kB	176.31.232.62
in.taskanalytics.com	unknown	2016-02-05T07:44:24Z	2023-03-11T09:33:55Z	4.4 kB	4.1 kB	54.216.252.255
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	700 B	2.0 kB	54.230.245.39
b.scorecardresearch.com	3959	2012-06-26T16:32:10Z	2023-03-10T18:36:04Z	295 B	2.5 kB	54.230.111.125
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-10T11:11:31Z	495 B	824 B	13.107.42.14
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
siteimproveanalytics.com	3559	2014-12-11T11:13:11Z	2023-03-10T18:15:44Z	312 B	14 kB	172.64.143.34
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	681 B	30 kB	31.13.72.12
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	768 B	22 kB	142.250.74.174
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	7.5 kB	15 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-13	medium	www.lmlenzitrasporti.com/page1/rola/posten/	Posten Norge

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-14	medium	www.lmlenzitrasporti.com/page1/rola/posten/	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/page1/rola/posten/file/js	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js	Phishing
2022-11-14	medium	www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (36)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 03:26:57 Times Seen37487973 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	posten.boost.ai/chatPanel/chatPanel.js	732 kB	2023-03-08	2023-03-25
Pretty URL posten.boost.ai/chatPanel/chatPanel.js IP 34.243.197.63 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:26:36 Last Seen2023-03-25 22:10:49 Times Seen4 Hash ee18d80ec572c17030c705e2e73d643a a7287d7f1112e03266c0a9a7a84c116547f54872 ba706e29fffd5b9b2fd9099253bafe335fa92821cce1a34368662c486ae8196f Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	349 B	2023-03-07	2023-12-19
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2023-12-19 03:50:04 Times Seen4 Hash 4bb3a2c40cca89845dbdacbfa0bfdcfa 61244453ec6976eeda02cd8c45045dbd4c77da17 093c1594dce6c71fb46527c29c2a76b05219ea1ff0e757b9261030bd1dd0a810 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-08
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-08 17:53:08 Times Seen1644 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt	30 kB	2023-03-10	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:45:48 Last Seen2024-02-10 15:41:36 Times Seen13 Hash de7af9d1087edf65499fa8ce40a3c986 1596691629bae9f57063992bdf1af732d447559a 324573528cdc2d00cee54159016323477090223630c684b4cc46b9e437cb13c8 Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt	1.5 kB	2023-03-07	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2024-02-10 15:41:36 Times Seen37 Hash f63ac3d276b7077a987675d6006a39dd a226c5e9acbafd79dab86c1018c274a879cdb5a1 ea0ff8a36f44af31d5379e7c0a28551018e697d4d424f9f31cdd37ed8891616d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-M83DX4	231 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-M83DX4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:52:14 Last Seen2023-03-11 11:53:28 Times Seen1 Hash 610ef547ea4c3b4106071d3552464546 2abaaf1aa5c73eba4b041226e3942cbf57f790d7 82433f103a3bf92c7753dfdfa371be82b6c987e7455d72d060de67680e4ba08f Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	395 B	2023-03-07	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2024-02-10 15:41:34 Times Seen10 Hash c5d733f815a28785992cefae3fa1d60f 8122aff7bbcb2a1956c03398d99e10e664ec71e0 730dac7ab9f3041646ba8e024bdd12e626dfa26a5ec64f651871e46492c8364e Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	416 B	2023-03-07	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2024-02-10 15:41:34 Times Seen10 Hash 86e5f08705d17f53f803a1a255ada213 0e9770da8d5473f50cf3b25afb6d482b53583f25 05e43a4d8cf191ebd68225b1c4140e8f18cd4004e18a83d7b2f32c8fe3f00e08 Loading...

	www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c	113 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:53:28 Last Seen2023-03-11 11:53:28 Times Seen1 Hash f4b5ae35048a4ef578285922292ca1eb fdcc4248c390720114f784d0d2c984e0766055b6 5177180d8fc6d7fa3816285cee4b75a494534afe12d803dc7c2862597a30794f Loading...

	siteimproveanalytics.com/js/siteanalyze_6015663.js	46 kB	2023-03-08	2023-03-11
Pretty URL siteimproveanalytics.com/js/siteanalyze_6015663.js IP 172.64.143.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:56:33 Last Seen2023-03-11 23:10:19 Times Seen1 Hash 1390d5c1085a4c807a7a6010f5663265 7f027ee5dd11ed781ffc2d9d208713145137877a cf729fff537f69a0291ee7d2236f2ce8d134c7019d8247436039876a11650bc4 Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	424 B	2023-03-10	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:45:48 Last Seen2024-02-10 15:41:34 Times Seen15 Hash d9460ce5ca9bdee68e99f6c3b7efa6ab fbdfc1af4d841cddfefc182716768d31923d8c5d 6a92012432fcb021cc48a9daf8c727415b526284bbb1ad6351064ecfcabd3cda Loading...

	connect.facebook.net/signals/config/843920095719058?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/843920095719058?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:53:28 Last Seen2023-03-11 11:53:28 Times Seen1 Hash 7c40063a3403850d0f89feb9822a9999 b4513c70a50dcb8d7f3d22c431a7248b486046f5 d6d08015169ed45796d80b04eb6e3023fe70dce8964ced489fb66f74a7adb5c3 Loading...

	s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w	50 B	2023-03-11	2023-03-13
Pretty URL s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w IP 192.99.8.34 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:53:28 Last Seen2023-03-13 21:05:31 Times Seen1 Hash 972e5bb98802869ee27a144bf2edf6ff 1a32bb73c3d61540606971d2091dd50d428c8c80 7651715a161dc69f2f9de3a68a8b71bc7a9b8cde16119ccb427ae172be512bb6 Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt	263 B	2023-03-07	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2024-02-10 15:41:36 Times Seen36 Hash 628aab205fc5a86c455467f9ebcf5e9c 90d8bf119e9c1c3b36d12b96669093bf31575625 c941476875f1024e95df21890a7eb5eddc4acd304a54a8c3b0b033f3356bdaf1 Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	388 B	2023-03-07	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2024-02-10 15:41:34 Times Seen10 Hash 5dff850e6b367601ba25831d730aef28 fc0b38495d75ca512063fae5ab20c5f449e8de7c a86be6d3ee819a76df13fb3f24d98fcab7e90730a3883f09ade59ccc063ca21f Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	26 B	2023-03-07	2024-05-09
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:05 Last Seen2024-05-09 22:16:43 Times Seen682 Hash eb7a24ef1bd1aec83ac360dcc088ba45 ec5f90396a524b12f0c07a53394a1b1b45d6b95c 2cc26ff044a57e2085fbda562947b3f955f2bd9758ad3f9f710dc4a6ce173f24 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-13
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:42 Last Seen2023-03-13 04:47:26 Times Seen1 Hash ccebe282ded746fbb6ea21ac6a200a36 75bb7beb33754f5a6fc3bee95674aef319613501 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7 Loading...

	www.google-analytics.com/plugins/ua/linkid.js	1.6 kB	2023-03-07	2024-05-06
Pretty URL www.google-analytics.com/plugins/ua/linkid.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-06 13:19:47 Times Seen1993 Hash 0cc3a63fe10060af4a349e5df666eefe 3e8d3925b550345123f2cab26568221fd4154f9c 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Loading...

	www.googleadservices.com/pagead/conversion_async.js	42 kB	2023-03-11	2023-03-11
Pretty URL www.googleadservices.com/pagead/conversion_async.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:40:21 Last Seen2023-03-11 12:47:19 Times Seen1 Hash 3082362cb51bc5b1cb99a36fd7970bcb d2323010cba61818f0fdb6dd20729340ea3a2fff e62a3a7c03feb2938265c69ed5a0da7d6b1a2bbdaf39e9ad0ff355818049964c Loading...

	cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js	485 B	2023-03-07	2024-02-10
Pretty URL cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2024-02-10 15:41:35 Times Seen31 Hash d1c15763ff2e6116a9a24bed1e3e5e45 5806ce4ce54205a0de89e45e2602ef9ff5ca8e9e f660ca0badb23ddca91dd3b86c7a538d64c5acab3327a981942f792484ef631f Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	349 B	2023-03-07	2023-12-19
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2023-12-19 03:50:04 Times Seen4 Hash 6465f9741b3b1d267cae0273cdaaf3b9 67face847fbc1110c4d2cb034210b6bd7889c3ca f1e391b47cb63e79dcff31b4eaeb01f1cbdcdf86800be1c980c50aa0819c6313 Loading...

	acdn.adnxs.com/dmp/up/pixie.js	9.1 kB	2023-03-07	2024-01-23
Pretty URL acdn.adnxs.com/dmp/up/pixie.js IP 151.101.85.108 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:42 Last Seen2024-01-23 08:30:01 Times Seen221 Hash e286c68ac0ac089b297abd8a3d9832a7 08a5e998ea0b980201d11b0282861c4efaeea396 f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-10	2023-10-31
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:19:33 Last Seen2023-10-31 18:18:05 Times Seen6 Hash 8938d4fc65afd3422bf533482ca33a53 2d92351d88fc6fd59cdac7d801753ac64ba52277 f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Loading...

	b.scorecardresearch.com/beacon.js	3.9 kB	2023-03-07	2024-01-14
Pretty URL b.scorecardresearch.com/beacon.js IP 54.230.111.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-01-14 12:48:16 Times Seen58 Hash eaf85c1c6758e84acfe134efd70e9373 5caec39b3ce7c2ec9912aff8ae6fa05aa9fb757e ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117 Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-05-02
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-05-02 22:13:05 Times Seen4333 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-05-03
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-03 06:50:30 Times Seen1983 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	www.google.com/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-28
Pretty URL www.google.com/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-28 19:11:07 Times Seen63971 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	z.moatads.com/addthismoatframe568911941483/moatframe.js	1.7 kB	2023-03-07	2023-11-01
Pretty URL z.moatads.com/addthismoatframe568911941483/moatframe.js IP 23.38.201.146 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-01 14:42:28 Times Seen4278 Hash dd1a19cb8d13e4571d2b293c0a0d2ccf 18070dd5c894930a8aef7117bf8d49bd4922a723 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/file/js	86 kB	2023-03-10	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/file/js IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:45:48 Last Seen2024-02-10 15:41:36 Times Seen13 Hash 3bc2dba628f72e4cb686cabe461d5817 2e462c205994b0b805bdb67c5270493d4767bbfc a0244e6ec83e84391c2f82f729629fb848a1d480816753b46e0ab1eed258e516 Loading...

	www.lmlenzitrasporti.com/page1/rola/posten/	323 B	2023-03-07	2024-02-10
Pretty URL www.lmlenzitrasporti.com/page1/rola/posten/ IP 62.149.140.201 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:11 Last Seen2024-02-10 15:41:34 Times Seen12 Hash c50e511eeaa71ac73fa8c00e28615b88 9317098f9e34e984c8351d7cba137629866b6e0f 1980c6e6d0bb39a0c1db0c4afe331ff50270c0cbe80876098b961fedacad95b3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6c2b481ed8522d2217940e1553317555	873 B	2023-03-07	2023-03-14
Pretty Observations First Seen2023-03-07 14:33:11 Last Seen2023-03-14 02:13:36 Times Seen1 Hash 6c2b481ed8522d2217940e1553317555 0b9b34a1f90e545f70f32cd6d3dc86fb4e72d144 afdb6c824fa50b49f1ad290a4c94fd53f39f598902460805804cc0c1775e6720 Loading...

	#2 Eval - fd474c68b715a71665cb3de47e348c28	873 B	2023-03-07	2023-03-14
Pretty Observations First Seen2023-03-07 14:33:11 Last Seen2023-03-14 02:13:36 Times Seen1 Hash fd474c68b715a71665cb3de47e348c28 a3a8ea817f62ddbf860adeb42223c75a02bc97c3 ed04fe40f9d557c156a53678bc2ebda259efb1c1b4c42215b1cd57a590ab3db2 Loading...

	#3 Eval - fb5cb7b246e69034e02cb9a126ea18af	38 B	2023-03-07	2024-05-09
Pretty Observations First Seen2023-03-07 12:06:54 Last Seen2024-05-09 03:30:21 Times Seen735 Hash fb5cb7b246e69034e02cb9a126ea18af 59691e84cdc7797ab899b6828d78fe0e59015c64 21e1463f2dbdf773d27eb5b59524062b4aedb68414d396e65bb440516cdeae44 Loading...

	#4 Eval - 959103c20b8c7e7c16d3470987d47023	87 B	2023-03-07	2023-03-14
Pretty Observations First Seen2023-03-07 14:33:11 Last Seen2023-03-14 02:13:36 Times Seen1 Hash 959103c20b8c7e7c16d3470987d47023 5d1746f4d0296b85788e4a8a3f2043bd0586dd28 57417104a96d1a427e8d15e07d2d7ee0cf0cc28b9c5c4b6cc5b69d94b15d3175 Loading...

	#5 Eval - 1429e32594860bab89900f5932d918c3	132 B	2023-03-07	2023-03-14
Pretty Observations First Seen2023-03-07 14:33:11 Last Seen2023-03-14 02:13:36 Times Seen1 Hash 1429e32594860bab89900f5932d918c3 21624360ff680994575b5713a678fa68ca5109b9 cefd82456250e4101fa38516ce1c37e1414218788d6106605297abce42788e69 Loading...

HTTP Transactions (138)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11264
Expires: Mon, 14 Nov 2022 15:46:52 GMT
Date: Mon, 14 Nov 2022 12:39:08 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5295
Cache-Control: max-age=170424
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:08 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:59:32 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.lmlenzitrasporti.com/page1/rola/posten/

62.149.140.201

200 OK

311 kB

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (13785)
Size
311 kB (311417 bytes)
Hash
504601642f169a3af366d64b51f6dfa1
5cd8b2af1eeab2c6e7f0d25687f0dae82b158fae
e05e1a1624dccd5d3b039752357693ff3dde1d6fbb9b00b8c24197d792ab2de2

Detections

Analyzer	Verdict	Alert
openphish	Posten Norge
fortinet	Phishing

HTTP Headers

GET /page1/rola/posten/ HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:08 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:26:11 GMT
ETag: "e418da5b-4c079-5bc73b1a7c2e9"
Accept-Ranges: bytes
Content-Length: 311417
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 11:44:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3274
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7142
Expires: Mon, 14 Nov 2022 14:38:10 GMT
Date: Mon, 14 Nov 2022 12:39:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: lEeMslWk8hOJ8ph5V43u2iYkDJNhAH4hT62iFC20H3oL4WcOq9VtgZAOQd9dGZ6O8PU0c2b91Q4=
x-amz-request-id: KF44A1EHJ77VXDER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 12:13:51 GMT
age: 1517
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

z.moatads.com/addthismoatframe568911941483/moatframe.js

23.38.201.146

200 OK

948 B

URL HTTP/2
z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
23.38.201.146:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (523)
Size
948 B (948 bytes)
Hash
f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac

HTTP Headers

GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=49775
date: Mon, 14 Nov 2022 12:39:08 GMT
X-Firefox-Spdy: h2

www.lmlenzitrasporti.com/page1/rola/posten/file/new-style.css

62.149.140.201

200 OK

70 kB

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/file/new-style.css
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (306), with CRLF line terminators
Size
70 kB (70502 bytes)
Hash
73a653cde1e623ed4821fc349af9acd4
ebe859b1e01486b5b0f891c189b7dd6f5e5e0acb
c114ac82e20a42a83b74b5cc501010ee1e43f8fd4ef83a79421fd6677891ea7d

HTTP Headers

GET /page1/rola/posten/file/new-style.css HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:08 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
ETag: "e7837a69-11366-5bc739c3ce643"
Accept-Ranges: bytes
Content-Length: 70502
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/css

cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17

176.31.232.62

200 OK

1.2 kB

URL HTTP/2
cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
IP
176.31.232.62:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
1.2 kB (1210 bytes)
Hash
e8b5e4d5eb0df11eb339ba959520b978
24777a5efa576aec4026ff30bcf4fd6ecd81b003
2650ffdcb2bf4147d062825fee353bd86e80c1f1c22c0b29ea856fdd3213e0a3

HTTP Headers

GET /static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
content-length: 1210
last-modified: Mon, 02 Sep 2019 15:03:52 GMT
etag: "5d6d2f58-4ba"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17

176.31.232.62

200 OK

3.3 kB

URL HTTP/2
cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
IP
176.31.232.62:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
3.3 kB (3334 bytes)
Hash
a8935f51f8ca663bf3a18d4b1da31bf7
6f2e6f9c21ced7020e6d8c73c2e8ad71d797aa9d
cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303

HTTP Headers

GET /static/shop/common/css/validationEngine.jquery.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
content-length: 3334
last-modified: Fri, 14 Aug 2015 20:41:08 GMT
etag: "55ce5264-d06"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tienda.correos.es/css/common-dynamic.css

94.23.87.92

200 OK

717 B

URL HTTP/1.1
tienda.correos.es/css/common-dynamic.css
IP
94.23.87.92:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
717 B (717 bytes)
Hash
45bca144e962bb998d9d807e54e521c3
63beb9c869ed56068010f501fde069d8e02164d7
31dda737e3779db2e9efd81ab860e724f61738acce5b10558cb6c56c76daf544

HTTP Headers

GET /css/common-dynamic.css HTTP/1.1
Host: tienda.correos.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: server
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Backend: 3
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:86EB_5E17575C:01BB_637236EC_15B8A:23F71
X-IPLB-Instance: 35326
Set-Cookie: SERVERID139651=8b65149d|Y3I28|Y3I28; path=/; HttpOnly
Cache-control: private

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt

62.149.140.201

200 OK

30 kB

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/file/f.txt
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (1994), with CRLF line terminators
Size
30 kB (29742 bytes)
Hash
de7af9d1087edf65499fa8ce40a3c986
1596691629bae9f57063992bdf1af732d447559a
324573528cdc2d00cee54159016323477090223630c684b4cc46b9e437cb13c8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page1/rola/posten/file/f.txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
ETag: "e695ff40-742e-5bc739c3c711f"
Accept-Ranges: bytes
Content-Length: 29742
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/plain

tienda.correos.es/css/common-dynamic.css

94.23.87.92

200 OK

717 B

URL HTTP/1.1
tienda.correos.es/css/common-dynamic.css
IP
94.23.87.92:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
717 B (717 bytes)
Hash
45bca144e962bb998d9d807e54e521c3
63beb9c869ed56068010f501fde069d8e02164d7
31dda737e3779db2e9efd81ab860e724f61738acce5b10558cb6c56c76daf544

HTTP Headers

GET /css/common-dynamic.css HTTP/1.1
Host: tienda.correos.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: server
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Backend: 1
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:86EB_5E17575C:01BB_637236ED_15B8B:23F71
X-IPLB-Instance: 35326
Set-Cookie: SERVERID139651=c80001a3|Y3I28|Y3I28; path=/; HttpOnly
Cache-control: private

cdn.mycomandia.com/static/logos/correos-paq-72-mini.png

176.31.232.62

200 OK

2.4 kB

URL HTTP/2
cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
IP
176.31.232.62:0
ASN
#16276 OVH SAS

File type
PNG image data, 175 x 30, 8-bit/color RGBA, interlaced\012- data
Size
2.4 kB (2373 bytes)
Hash
ad8f5552abb3d774a9c23cf3b0c9272b
4fc71ddac34c0b7438effc6883956ba2149a6a0c
984461e2d55896f29bb79d75b8ab42c1f8c4111bd2fb0c5f03dbc50d1b24b894

HTTP Headers

GET /static/logos/correos-paq-72-mini.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:09 GMT
content-type: image/png
content-length: 2373
last-modified: Mon, 03 May 2021 17:05:44 GMT
etag: "60902d68-945"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:09 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.mycomandia.com/static/logos/correos-paq72.png

176.31.232.62

200 OK

2.0 kB

URL HTTP/2
cdn.mycomandia.com/static/logos/correos-paq72.png
IP
176.31.232.62:0
ASN
#16276 OVH SAS

File type
PNG image data, 128 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1976 bytes)
Hash
567c7f32c85fe6ca5625f95403eb05e9
ef5da723f8b205d4f75bcb2b63b6e948fa25f330
5d2fb215dbbcbfd1bd663a0cdeaf31c63abde8c6f20aa63551733ebc498bf605

HTTP Headers

GET /static/logos/correos-paq72.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:09 GMT
content-type: image/png
content-length: 1976
last-modified: Mon, 07 Sep 2020 20:01:44 GMT
etag: "5f5691a8-7b8"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:09 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt

62.149.140.201

200 OK

1.5 kB

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/file/1(1).txt
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (1529), with no line terminators
Size
1.5 kB (1529 bytes)
Hash
f63ac3d276b7077a987675d6006a39dd
a226c5e9acbafd79dab86c1018c274a879cdb5a1
ea0ff8a36f44af31d5379e7c0a28551018e697d4d424f9f31cdd37ed8891616d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page1/rola/posten/file/1(1).txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:11 GMT
ETag: "e695ff38-5f9-5bc739c3bdcc3"
Accept-Ranges: bytes
Content-Length: 1529
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: text/plain

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css

62.149.140.201

404 Not Found

254 B

URL HTTP/1.1
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
254 B (254 bytes)
Hash
8877e598a6957ca70e7b238164b24a68
b2fda5b285d164fb3e1a5dbb593973f4b15718ce
644f34ea4ea6eaafc581645e50be26e8d08ba87224fea1d13f5d1b1ff438033d

HTTP Headers

GET /_/asset/no.posten.website:1594301215/css/postenstyle.css HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 254
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js

62.149.140.201

404 Not Found

247 B

URL HTTP/1.1
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
247 B (247 bytes)
Hash
5b19b643f388e39168fb9924cc50f99b
eb13aa00e08744f4066de55dc2c59c1960c99110
34a5b64299a36157c0a5f7cbe970243aa1fc0113e8e5c74b0c5731ea3134ce39

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 247
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js

62.149.140.201

404 Not Found

248 B

URL HTTP/1.1
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
248 B (248 bytes)
Hash
f795cb471edbaa7817880a2e73a1a73b
8adf12001d4b11a01c996a2ff375ae87b6b23aa4
36c6bb8da9872370e4a4cf828514100ccdc3cca6bebb81feb6647bbd989b80f5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 248
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

siteimproveanalytics.com/js/siteanalyze_6015663.js

172.64.143.34

200 OK

13 kB

URL HTTP/1.1
siteimproveanalytics.com/js/siteanalyze_6015663.js
IP
172.64.143.34:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (46126), with no line terminators
Size
13 kB (13074 bytes)
Hash
8d34b09483a348aee12efa3ac53237d1
7da6ecc2b915b04cffaa8cce4729f045b14928fa
3eaff7010e8f409a2c3eb1bb86608c66191110f22d6d9ae427fbae37c028db07

HTTP Headers

GET /js/siteanalyze_6015663.js HTTP/1.1
Host: siteimproveanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 13074
Connection: keep-alive
x-amz-id-2: gENEtPecMLe26Bw56WSHM6K1yBzstMaGLkVRxxRyIVzzfBEVpseztVVHJAyrnUV8xdp8Nw5EYTU=
x-amz-request-id: YHZKZRSAQ69HVXGV
Cache-Control: max-age=86400, no-transform
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 10:21:56 GMT
ETag: "8d34b09483a348aee12efa3ac53237d1"
CF-Cache-Status: HIT
Age: 6446
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI4S8BtzErIZcZA8NLouVv0bYw6ZvuTGyFqsttD72NV0kyRHWdA5yWR%2BunlAMgQzbUmJiUZk4E%2BEPPRrm0CrXS1Vt1FMRNYIO5htTWGuhQrBX3AKP9D%2F82Gi5%2F%2BnFuvemBq1ClyjOHSVnVA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769fceeb8c747743-LHR
alt-svc: h2=":443"; ma=60

www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt

62.149.140.201

200 OK

263 B

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/file/1.txt
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with no line terminators
Size
263 B (263 bytes)
Hash
628aab205fc5a86c455467f9ebcf5e9c
90d8bf119e9c1c3b36d12b96669093bf31575625
c941476875f1024e95df21890a7eb5eddc4acd304a54a8c3b0b033f3356bdaf1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page1/rola/posten/file/1.txt HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:11 GMT
ETag: "e695ff39-107-5bc739c3be862"
Accept-Ranges: bytes
Content-Length: 263
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/plain

in.taskanalytics.com/00012/tm.js?r=&1595299259690

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595299259690
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595299259690 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

in.taskanalytics.com/00012/tm.js?r=&1595299259698

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595299259698
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595299259698 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17

176.31.232.62

200 OK

28 kB

URL HTTP/2
cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
IP
176.31.232.62:0
ASN
#16276 OVH SAS

File type
data
Size
28 kB (28178 bytes)
Hash
a2bc347b69d7b237cce7a105b7db1dab
afeb04a7547ceca59dc386fc1aa6a847c951aabe
163779b58018ea27b0a57fe68432c446e138edd5a8d2cecf1836f031798e4888

HTTP Headers

GET /static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
last-modified: Mon, 23 Apr 2018 19:31:08 GMT
vary: Accept-Encoding
etag: W/"5ade347c-22485"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-M83DX4

142.250.74.168

302 Found

250 B

URL HTTP/1.1
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
250 B (250 bytes)
Hash
1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e

HTTP Headers

GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0

in.taskanalytics.com/00012/tm.js?r=&1595285185398

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css

151.101.85.229

200 OK

29 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (54670)
Size
29 kB (29077 bytes)
Hash
cab4a25d88a7f23bbe46846ffc169ace
d470188177492d7ce663c298301c852a9cfbde59
6971be30d85421291f18493ae6d84494f4fc9cd42d194aefd7197031f730cbe7

HTTP Headers

GET /npm/@posten/hedwig@11/dist/posten.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"35ae7-VIUJ2giFc9+RlRgcbyfbUh4mbO8"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 10205
x-served-by: cache-fra-eddf8230074-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29077
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css

151.101.85.229

200 OK

542 B

URL HTTP/2
cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
542 B (542 bytes)
Hash
b24719d55767c669113336d8c684644d
24067e2371e11e36586528918e5c7adb7356edb9
ff84dceacce38a1a37e28e25757da04eec677c08070213f46fa0384c375ca2e7

HTTP Headers

GET /npm/@posten/hedwig@11/assets/fonts.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"855-mRW2/GJzwxRji+sy+ksrjfYsJnE"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 12338
x-served-by: cache-fra19167-FRA, cache-bma1635-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 542
X-Firefox-Spdy: h2

cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17

176.31.232.62

200 OK

9.2 kB

URL HTTP/2
cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
IP
176.31.232.62:0
ASN
#16276 OVH SAS

File type
data
Size
9.2 kB (9223 bytes)
Hash
c7d3dfd8ea11238d97b3ede57bbe49e9
3a7f52605ee388f2b24187be4e71fd16165250c0
39e34be53eaf460fe801e758eb6b754a0e493e00e9e1b9828741d9dde7139f4e

HTTP Headers

GET /static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:08 GMT
content-type: text/css
last-modified: Mon, 23 Apr 2018 19:31:08 GMT
vary: Accept-Encoding
etag: W/"5ade347c-8ef7"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:08 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js

151.101.85.229

200 OK

325 B

URL HTTP/2
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (484)
Size
325 B (325 bytes)
Hash
3cf89faabd93e7347ff136ce46273e50
11e620a5bdd6f53f699c1117f6abfd368275df67
162897c7f4536145c8f704320004aa5b68d7d08c9e080065657fd1dcee4979f8

HTTP Headers

GET /npm/@posten/hedwig@11/dist/icons.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"1e5-WAbOTOVCBaDeieReJgLvn/XKjp4"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 18759
x-served-by: cache-fra19147-FRA, cache-bma1635-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2

in.taskanalytics.com/00012/tm.js?r=&1595299259862

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595299259862
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595299259862 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/main.js

151.101.85.229

200 OK

55 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/main.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (33341), with NEL line terminators
Size
55 kB (55029 bytes)
Hash
85b6190fdaeadf4eefe23d56a6dd737c
94336301dde68a895e3f126fbb30613a7825390b
53492ed7b06c0b33cddf8f28f2321e747aa37cbfbe81992ae4aafee469c5677f

HTTP Headers

GET /npm/@posten/hedwig@11/dist/main.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"28181-2EKNrg/BGxLC+Dxm4axLofxXAq8"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 12:39:09 GMT
age: 18759
x-served-by: cache-fra19165-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55029
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (44242 bytes)
Hash
4cad29d74725714e61a37c3ac8f117c9
7ef22110b2617054b394b0c75ea00bc285df5db9
22f888610503da841e478e40d54f48f115e51b8e42f57fc8d2ee8fc65bc7516b

HTTP Headers

GET /gtag/js?id=DC-9852050&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 12:39:09 GMT
expires: Mon, 14 Nov 2022 12:39:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 12:25:01 GMT
cache-control: public,max-age=3600
age: 848
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-M83DX4

142.250.74.168

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (23428)
Size
76 kB (76521 bytes)
Hash
9686503b7d5642e78fee39152a52dedd
e6eb6dbe08d010ea29c6f763cfdb1bc38f6dd207
cf21b8c8ffdda6fed07c2fb390b532008a13e6dd083f286082c21a1fac5a306c

HTTP Headers

GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lmlenzitrasporti.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 12:39:09 GMT
expires: Mon, 14 Nov 2022 12:39:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
8af3a150c8d71c52aa93e553ab576bf5
53537ee37ecc5ac396e4df09d18f6899fdfa1078
53159401f00d7839a26ddb25ba4925e051fef2b3cfac155e272a8f34722f6a31

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "68C54179ECC307DDC05641606269A20E45F7FD8D"
Expires: Mon, 14 Nov 2022 23:00:00 GMT
Last-Modified: Mon, 14 Nov 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 820
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769fceec6a50b51d-OSL

www.lmlenzitrasporti.com/page1/rola/posten/file/js

62.149.140.201

200 OK

86 kB

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/file/js
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (1578), with CRLF line terminators
Size
86 kB (86235 bytes)
Hash
3bc2dba628f72e4cb686cabe461d5817
2e462c205994b0b805bdb67c5270493d4767bbfc
a0244e6ec83e84391c2f82f729629fb848a1d480816753b46e0ab1eed258e516

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page1/rola/posten/file/js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Last-Modified: Mon, 01 Mar 2021 06:20:12 GMT
ETag: "e7837a67-150db-5bc739c3cc338"
Accept-Ranges: bytes
Content-Length: 86235
X-Aruba-Cache: NA
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/plain

in.taskanalytics.com/00012/tm.js?r=&1595299259862

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595299259862
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595299259862 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

in.taskanalytics.com/00012/tm.js?r=&1595299259690

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595299259690
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595299259690 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

in.taskanalytics.com/00012/tm.js?r=&1595299259698

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595299259698
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595299259698 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
71ce511016c35873398f6ef07fcc93d1
7938922f1a045429a9ff860b4c4687884db180b1
84ba6efae37e39f1aa5b0f9d829a7115a8f0f0c0678e386e95ffad63732160e1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158613
Date: Mon, 14 Nov 2022 12:39:09 GMT
Etag: "6371fcc8-1d7"
Expires: Wed, 16 Nov 2022 08:42:42 GMT
Last-Modified: Mon, 14 Nov 2022 08:31:04 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: u-de9ruaTafUgSDlKTHXs37Uwy-g1dZdwGu7c22gOscTFhdf_li7HA==
Age: 698

www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement

62.149.140.201

404 Not Found

250 B

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
250 B (250 bytes)
Hash
4d7d6ba9558b7a14f557bf20672314e0
4f10a42b4073bb897a8452e544b01f81901a657e
633140f227d704ab90634132a6544edf1bcee713564f3487d3f8db388cea644c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 250
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3331
Cache-Control: max-age=163403
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:09 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:02:32 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtm.js?id=GTM-M83DX4

142.250.74.168

302 Found

250 B

URL HTTP/1.1
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
250 B (250 bytes)
Hash
1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e

HTTP Headers

GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0

in.taskanalytics.com/00012/tm.js?r=&1595293061872

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595293061872
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595293061872 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

in.taskanalytics.com/00012/tm.js?r=&1595293061723

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595293061723
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595293061723 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement

62.149.140.201

404 Not Found

250 B

URL HTTP/1.1
www.lmlenzitrasporti.com/page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
250 B (250 bytes)
Hash
4d7d6ba9558b7a14f557bf20672314e0
4f10a42b4073bb897a8452e544b01f81901a657e
633140f227d704ab90634132a6544edf1bcee713564f3487d3f8db388cea644c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page1/rola/posten/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 250
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.googletagmanager.com/gtm.js?id=GTM-M83DX4

142.250.74.168

302 Found

250 B

URL HTTP/1.1
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
250 B (250 bytes)
Hash
1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e

HTTP Headers

GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0

in.taskanalytics.com/00012/tm.js?r=&1595285185398

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:09 GMT
Via: 1.1 vegur

www.googletagmanager.com/gtm.js?id=GTM-M83DX4

142.250.74.168

302 Found

250 B

URL HTTP/1.1
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
250 B (250 bytes)
Hash
1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e

HTTP Headers

GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0

www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js

62.149.140.201

404 Not Found

247 B

URL HTTP/1.1
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/bundle.js
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
247 B (247 bytes)
Hash
5b19b643f388e39168fb9924cc50f99b
eb13aa00e08744f4066de55dc2c59c1960c99110
34a5b64299a36157c0a5f7cbe970243aa1fc0113e8e5c74b0c5731ea3134ce39

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.998631713.1668429548

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:09 GMT
Server: Apache
Content-Length: 247
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2

176.31.232.62

200 OK

2.0 kB

URL HTTP/2
cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2
IP
176.31.232.62:0
ASN
#16276 OVH SAS

File type
Web Open Font Format (Version 2), TrueType, length 2024, version 1.0\012- data
Size
2.0 kB (2024 bytes)
Hash
c1b7ca92614b5e76d59b8b467f1d8dd9
6ada3f43e5b4ec1a77383f2af00dd2b3c990af5c
a92c73eb3e53032a9846ca27c2c579b424b45a893ac814288954762e878b5e1b

HTTP Headers

GET /static/shop/common/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.lmlenzitrasporti.com
Connection: keep-alive
Referer: https://cdn.mycomandia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:10 GMT
content-type: application/octet-stream
content-length: 2024
last-modified: Mon, 02 Sep 2019 15:03:52 GMT
etag: "5d6d2f58-7e8"
server: rebelio-n1
expires: Tue, 14 Nov 2023 12:39:10 GMT
cache-control: max-age=31536000
backend: 1
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F?

142.250.74.70

200 OK

272 B

URL HTTP/2
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (588), with no line terminators
Size
272 B (272 bytes)
Hash
585e85202fa6ac353710aa60d3a12c35
5e6c245db4f669a885b34d18783346086d2ad998
db086210f191aa5caeaebec22a281d23489227776cec2f01809a3d8b146944a6

HTTP Headers

GET /activityi;src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 272
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Nov-2022 12:54:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.181.160

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.181.160:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6YOIaPK43rEBMTe7ZeyE2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qL8VPAvdng/gckWkUqSFgmXGZps=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js

62.149.140.201

404 Not Found

248 B

URL HTTP/1.1
www.lmlenzitrasporti.com/_/asset/no.posten.website:1594301215/js/chatbot.js
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
248 B (248 bytes)
Hash
f795cb471edbaa7817880a2e73a1a73b
8adf12001d4b11a01c996a2ff375ae87b6b23aa4
36c6bb8da9872370e4a4cf828514100ccdc3cca6bebb81feb6647bbd989b80f5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.998631713.1668429548

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:10 GMT
Server: Apache
Content-Length: 248
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?

142.250.74.70

200 OK

427 B

URL HTTP/1.1
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Size
427 B (427 bytes)
Hash
7894f56de7efa41c42aab98bd8cd19ba
4a3a8110cc5a2e6deccedda3ac6d00bed188ff10
34c3b01b8c469b58e9933b67e4a12c9dd98ec4daefd4324f0aceb92cf8dd6d44

HTTP Headers

GET /activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0

8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?

142.250.74.70

200 OK

379 B

URL HTTP/1.1
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (514), with no line terminators
Size
379 B (379 bytes)
Hash
b0d6eab9eab3a20438b0bd13da342a70
134028116c2bead7b536a69aff5cdffbe7cef66c
a10b560c3b8f69897480622085a0ab5675665bff0b3e3f8ead749b3f2535c7dc

HTTP Headers

GET /activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 379
X-XSS-Protection: 0

8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?

142.250.74.70

200 OK

427 B

URL HTTP/1.1
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Size
427 B (427 bytes)
Hash
78b225543f9ea122bf259d94fd379b4b
cbe260dd69e0791c6479bf8c214f28aa09a41286
e2e8bdcba10a07de068f0c41f8f0c7dd6bfed0b8b0f4aaedae5b263cd70e0362

HTTP Headers

GET /activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Nov 2022 12:39:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0

in.taskanalytics.com/00012/tm.js?r=&1668429548609

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1668429548609
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1668429548609 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur

in.taskanalytics.com/00012/tm.js?r=&1668429548612

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1668429548612
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1668429548612 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur

in.taskanalytics.com/00012/tm.js?r=&1668429548611

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1668429548611
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1668429548611 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F

142.250.74.66

200 OK

272 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (587), with no line terminators
Size
272 B (272 bytes)
Hash
0e5d866a890390344a419fc9dcff8406
6c351b3350936edecbe405694703324e2a45ba9b
8600605b779bf5c2d30faac5e356904819b2633ae25114b883422524a55c37d6

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F

142.250.74.66

200 OK

251 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (513), with no line terminators
Size
251 B (251 bytes)
Hash
66bab8b407292b70d4f0f305ec9acacd
4acdd7d1e3e07355322ca7aaf74899a6e67a64a8
fffcc1ee1d9daaab2e3396862ae8e5913226f7da9049f41dad4a15604fc939c9

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D

142.250.74.66

200 OK

297 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (635), with no line terminators
Size
297 B (297 bytes)
Hash
bc6d6c3a1c420799472640b0a824691d
a5386ff8c52d713dc16ee1630746b76ee6a0c37a
c077749c0272ef956823be09fc24bb8b28c91397ece025c16b8ddfddce8b8806

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D

142.250.74.66

200 OK

299 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (635), with no line terminators
Size
299 B (299 bytes)
Hash
73fbf7971c5c280fa659ce0ac803c7ab
15baa8bc86051abe9c8da4d47720b403004d4ec0
5171ae2d45af40b0aa0c09c444ff33f7322ca5d258a1be8e2f00f795d32ef652

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;

54.230.111.85

403 Forbidden

243 B

URL HTTP/2
vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;
IP
54.230.111.85:0
ASN
#16509 AMAZON-02

File type
data
Size
243 B (243 bytes)
Hash
91837704cb39cce11910686e21f366de
68a8d78a42570c446a6f5c31669eb6da6167561e
4bccada4eab6cc22fb89b250369d2996feccf0be22173b5cfb2c780c748a7c32

HTTP Headers

GET /box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important; HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-type: application/xml
content-length: 243
date: Mon, 14 Nov 2022 12:39:10 GMT
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YBHDsk-scqw-bAmqJAoSc2TiW27mD2vBPWB20OW60EdhvRBtRjFaYw==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

in.taskanalytics.com/00012/tm.js?r=&1668429548819

54.216.252.255

403 Forbidden

7 B

URL HTTP/1.1
in.taskanalytics.com/00012/tm.js?r=&1668429548819
IP
54.216.252.255:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536

HTTP Headers

GET /00012/tm.js?r=&1668429548819 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Mon, 14 Nov 2022 12:39:10 GMT
Via: 1.1 vegur

adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4057822662770;gtm=2wgb90;auiddc=998631713.1668429548;u1=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F;u2=page1;u3=rola-posten;u4=Posten.no;u5=;~oref=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2b8683209feb823e1ec2a35199ab8e59
df3e2ff43415b59aa05b9da3a916339585417e2e
522f970372008500095b0a891a3880bd7d4ef689f137dd7ba16049d2177f47f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127459
Date: Mon, 14 Nov 2022 12:39:10 GMT
Etag: "6371743c-1d7"
Expires: Wed, 16 Nov 2022 00:03:29 GMT
Last-Modified: Sun, 13 Nov 2022 22:48:28 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q3WlDAkjGKl9FWK_xpnDjf0QSwAvsN0blceZboaHQ1j65xLA1Dq-tQ==
Age: 4501

6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1259&prev=4e38ae71-4730-465b-e391-719e48102403&luid=12e400e0-9f2d-2f20-d71d-d3af4050d9bf&rnd=41015

18.158.237.5

200 OK

34 B

URL HTTP/2
6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1259&prev=4e38ae71-4730-465b-e391-719e48102403&luid=12e400e0-9f2d-2f20-d71d-d3af4050d9bf&rnd=41015
IP
18.158.237.5:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
34 B (34 bytes)
Hash
a82ba3a9d42148e9cf209df13d8c3f3d
dba80835d31175bdcf0bcad1abafefb06d86e304
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

HTTP Headers

GET /image.aspx?url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&title=Posten.no&res=1280x1024&accountid=6015663&rt=1259&prev=4e38ae71-4730-465b-e391-719e48102403&luid=12e400e0-9f2d-2f20-d71d-d3af4050d9bf&rnd=41015 HTTP/1.1
Host: 6015663.global.siteimproveanalytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:10 GMT
content-type: image/gif
content-length: 34
set-cookie: AWSALB=PGt4Xu/UxFxGCFK6FWjjxtsKrap7AIBABR/KSz3PEjOU7pBDVEf2adbFIrt8SdlaS9g08XiNIA1EedF6pBwKxvNvWH70yxcP0MTRvonlPMuv1eijx2YQW8jeR2tl; Expires=Mon, 21 Nov 2022 12:39:10 GMT; Path=/
AWSALBCORS=PGt4Xu/UxFxGCFK6FWjjxtsKrap7AIBABR/KSz3PEjOU7pBDVEf2adbFIrt8SdlaS9g08XiNIA1EedF6pBwKxvNvWH70yxcP0MTRvonlPMuv1eijx2YQW8jeR2tl; Expires=Mon, 21 Nov 2022 12:39:10 GMT; Path=/; SameSite=None; Secure
cache-control: max-age=0
expires: Mon, 14 Nov 2022 12:39:10 UTC
X-Firefox-Spdy: h2

b.scorecardresearch.com/beacon.js

54.230.111.125

200 OK

1.9 kB

URL HTTP/1.1
b.scorecardresearch.com/beacon.js
IP
54.230.111.125:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3936)
Size
1.9 kB (1882 bytes)
Hash
95ead88a8555078b6f6bb9f697a8a4ec
1fbbfb3a67372b6b034d295a717e6601344e7216
4e0f7c7a56fc7a7bfc3d73b3ea4b4981c676efaaa126b6576e2b4f21eba78a88

HTTP Headers

GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 14 Nov 2022 01:57:23 GMT
Cache-Control: max-age=86400
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gvM5r6AVe0M7r-ENHiJUCXuf5HtE1DARjy0CrwCbGhftN-uXc2LrmQ==
Age: 38510

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/1.1
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27337 bytes)
Hash
0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
Pragma: public
Cache-Control: public, max-age=1200
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-FB-Debug: vvGitSgqFZ1d3nZBfEMt28NCGStUmzQb1XI1vtY5q/r7r/Sw3SxCw3gInxO9O7OVAz2cXHlxd2V8NBHMbntKmQ==
X-FB-TRIP-ID: 1904183273
Date: Mon, 14 Nov 2022 12:39:10 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 27337

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/1.1
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Mon, 14 Nov 2022 12:39:10 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-bma1631-BMA
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT

www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png

62.149.140.201

404 Not Found

310 B

URL HTTP/1.1
www.lmlenzitrasporti.com/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png
IP
62.149.140.201:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
310 B (310 bytes)
Hash
9352f0210a326d4c8efdee61bf8dbb2e
cc254f948eac14e8c985dd2422fa4efa68726580
def264931a1bf02ca3887a87992ff6e1c9c4bc3eefe9d7de1d5b30cd8e20657f

HTTP Headers

GET /_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png HTTP/1.1
Host: www.lmlenzitrasporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/page1/rola/posten/
Cookie: _gcl_au=1.1.998631713.1668429548; nmstat=4e38ae71-4730-465b-e391-719e48102403

HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 12:39:10 GMT
Server: Apache
Content-Length: 310
Keep-Alive: timeout=15, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

script.hotjar.com/modules.a1fbf755044ca8f629ba.js

54.230.111.44

200 OK

89 kB

URL HTTP/2
script.hotjar.com/modules.a1fbf755044ca8f629ba.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (88758 bytes)
Hash
db69fc2480d3485a988c1628d311d0c0
82abdfda4d399e9e8032a71f1f962e91ad80860f
7517e0f2be2260c0cd09514fb51ac73f72751caa5e58e4fa5267732f3862b318

HTTP Headers

GET /modules.a1fbf755044ca8f629ba.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 88758
date: Tue, 04 Oct 2022 09:53:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "db69fc2480d3485a988c1628d311d0c0"
last-modified: Wed, 22 Jul 2020 09:42:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YerKTIxaauHihEn_CRX1kLT0zGHqUlesc453uz6krLcBGD4SM2vXAQ==
age: 3552355
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5e80da4d7eecb711fd30395a80a40107
3051e29b919e705dc29bfa4dcf943adfe4f9efb6
f31820520fcfcc11ff412c986d56213def98f4452d47061237cfdc85fa18c2cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=170769
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Etag: "63721bca-1d7"
Expires: Wed, 16 Nov 2022 12:05:19 GMT
Last-Modified: Mon, 14 Nov 2022 10:43:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/1.1
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"

HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-bma1631-BMA
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT

acdn.adnxs.com/dmp/up/pixie.js

151.101.85.108

200 OK

3.3 kB

URL HTTP/1.1
acdn.adnxs.com/dmp/up/pixie.js
IP
151.101.85.108:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (9139), with no line terminators
Size
3.3 kB (3340 bytes)
Hash
75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151

HTTP Headers

GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Nov 2022 12:39:10 GMT
Age: 23991
X-Served-By: cache-lga21930-LGA, cache-bma1626-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 4652
X-Timer: S1668429551.828038,VS0,VE0
Vary: Accept-Encoding

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.121

200 OK

4.5 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12826)
Size
4.5 kB (4530 bytes)
Hash
806d185619a4ef5951ab91810117e4ba
f40031c0ea5718f6d9a0a35e8ca60262daedc440
06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=68071
date: Mon, 14 Nov 2022 12:39:10 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ad435294061dbdaf662a3169c556d25
df00f159cc18b79d03cb15ee6cbe00c7e86339f2
6da35ce76e5ed3bfd884fa7fba9999890342a83316c051696eb623fe5640f8e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.5 kB

URL HTTP/1.1
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.5 kB (4547 bytes)
Hash
2b153cb2287eac49566b32fce9c385f8
206074b038daff8bc66d86bca0c5ff35f9f72655
7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/

HTTP/1.1 200 OK
date: Mon, 14 Nov 2022 12:37:30 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 21497985
etag: W/"-375139978"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:335C_2E69C9F0:0050_637236EE_C7CB2:88CB
x-iplb-instance: 42305

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/1.1
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"

HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-bma1631-BMA
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/plugins/ua/linkid.js

142.250.74.174

200 OK

859 B

URL HTTP/2
www.google-analytics.com/plugins/ua/linkid.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1335)
Size
859 B (859 bytes)
Hash
904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237

HTTP Headers

GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 12:29:39 GMT
expires: Mon, 14 Nov 2022 13:29:39 GMT
cache-control: public, max-age=3600
age: 571
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googleadservices.com/pagead/conversion_async.js

142.250.74.162

200 OK

15 kB

URL HTTP/2
www.googleadservices.com/pagead/conversion_async.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1654)
Size
15 kB (15191 bytes)
Hash
43554e104968194aa58c92a60f87b85f
83b93428a7de45e05dee9935cd267ded8fbe3047
761e05cdcb9af97e1de328b96155b9c5595111aadeb3de62c28a07bfb4c68c71

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 14 Nov 2022 12:39:10 GMT
expires: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2264052217849554208
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-507531.js?sv=7

54.230.111.66

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-507531.js?sv=7
IP
54.230.111.66:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/hotjar-507531.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 12:39:10 GMT
cache-control: max-age=60
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8uDbMzmzd8IlDnpRGx1fIspWrI_1WvGEkuy5g7LL4jPZGOsizzIY3A==
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 14 Nov 2022 10:41:09 GMT
expires: Mon, 14 Nov 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 7081
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8094f6d66cd067b92b99cc3c1ec916c6
cdb6d27ace38846e7a770dafce189f90a30db886
f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.163

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 11:57:41 GMT
expires: Tue, 14 Nov 2023 11:57:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9

142.250.74.78

200 OK

6.2 kB

URL HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Size
6.2 kB (6238 bytes)
Hash
2063951383d22405d0663550e2ed3762
6a256b7cdec8d0e0aaf2c86c17e7cc34693a609e
0fb41ab8877699782e17566fafad17e01b8d04b840db658583cb0d3b9508fff4

HTTP Headers

GET /images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9 HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 6238
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 07:43:46 GMT
expires: Tue, 14 Nov 2023 07:43:46 GMT
cache-control: public, max-age=31536000
age: 17724
last-modified: Thu, 28 Dec 2017 03:23:06 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.163

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 11:25:58 GMT
expires: Tue, 14 Nov 2023 11:25:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 4392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&ct_cookie_present=1

216.58.211.2

200 OK

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&ct_cookie_present=1
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Nov-2022 12:54:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5e80da4d7eecb711fd30395a80a40107
3051e29b919e705dc29bfa4dcf943adfe4f9efb6
f31820520fcfcc11ff412c986d56213def98f4452d47061237cfdc85fa18c2cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=170769
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Etag: "63721bca-1d7"
Expires: Wed, 16 Nov 2022 12:05:19 GMT
Last-Modified: Mon, 14 Nov 2022 10:43:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.google.com/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4

142.250.74.164

302 Found

63 B

URL HTTP/2
www.google.com/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f155cafc1dce1994f8c5a9c7b43ffcd
53668173c273daf9540e7c5a0aadc11ef246a01e
05a8dd620eac5d494de75b51fc371fb86959551edfcaf87b4eb8ef15df563ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 12:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9322 bytes)
Hash
6f1e763f44800e4de06d69a3b2af74da
35afe48832221fe42de30260b9bcb15867109031
5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9322
x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvE8DoAMFsiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eUvvtJ48e5eRUJffmsuc9-blgv2dHt-Lsemnf-i8mLQ9CpY0Y94sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:13:29 GMT
age: 51942
etag: "35afe48832221fe42de30260b9bcb15867109031"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6535 bytes)
Hash
a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 52677
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7494 bytes)
Hash
dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:14:47 GMT
age: 33864
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

posten.boost.ai/chatPanel/chatPanel.js

34.243.197.63

200 OK

503 B

URL HTTP/2
posten.boost.ai/chatPanel/chatPanel.js
IP
34.243.197.63:0
ASN
#16509 AMAZON-02

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

GET /chatPanel/chatPanel.js HTTP/1.1
Host: posten.boost.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 14 Nov 2022 12:39:09 GMT
content-type: application/javascript
server: Apache
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=94608000; includeSubDomains
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
last-modified: Mon, 14 Nov 2022 08:38:48 GMT
etag: "b2b60-5ed6a2b0ce7b5-gzip"
accept-ranges: bytes
cache-control: max-age=600
expires: Mon, 14 Nov 2022 12:49:09 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-headers: content-type, X-Requested-With, accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, X-CSRF-TOKEN, X-XSRF-TOKEN, X-XHR-Logon, x-ms-client-application-name, x-ms-client-request-id, x-ms-client-session-id, x-ms-effective-locale
access-control-max-age: 600
x-robots-tag: noindex
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3659f1b-dbbe-487d-af32-218abe7ac972.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10361 bytes)
Hash
082b39a895ac8ac7bf914d71d71b9dfb
183dd713ee74ac0556c7deebde16a4ccf95d1253
5713277b54fe722f7d6ec72b38e648d7c9efab3223f37ba4bc3a71f3b1eded87

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3659f1b-dbbe-487d-af32-218abe7ac972.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10361
x-amzn-requestid: adb2ad3c-fd60-4751-8cd1-7a45055da065
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUQppG9RIAMFrEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b2e3d-7cc68ec108c88af51d358860;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 04:36:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pMrFZg6_xA2Q9vb1tgyV8GyfIoA70aROalMHUmOUxL5vfEQgKVZ2cw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 18:02:03 GMT
age: 67028
etag: "183dd713ee74ac0556c7deebde16a4ccf95d1253"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive

www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1668429549439&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668429549437.1741899964&it=1668429549223&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1668429549439&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668429549437.1741899964&it=1668429549223&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&rl=&if=false&ts=1668429549439&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668429549437.1741899964&it=1668429549223&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Nov 2022 12:39:11 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:52:43 GMT
age: 53188
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google.no/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0

142.250.74.3

200 OK

63 B

URL HTTP/2
www.google.no/pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/undefined/?random=1668429548283&cv=11&fst=1668429548283&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&tiba=Posten.no&value=0&bttype=purchase&auid=998631713.1668429548&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lmlenzitrasporti.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:39:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa95e3362-3324-487e-af72-a8801904975f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9663 bytes)
Hash
ceefde63fac8b44410baa7054cbbf39d
bc5a776a90f9ff1c5bd6e3dad0a542d3b73bad88
6e55d25f544d934550970c70a8325886471550d1d4f757610b13800985896ba1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa95e3362-3324-487e-af72-a8801904975f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9663
x-amzn-requestid: ef07bc3a-4907-484b-9113-f00e08442f33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyFUHz6IAMFrXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163bb-1c1a2d0d4aeae314494e4b33;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fWVjU2p0gxiXvlch1JwzoAc7RHvtGt0jTQqb99ERvCfVw7ZUPJz2XQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:04:26 GMT
etag: "bc5a776a90f9ff1c5bd6e3dad0a542d3b73bad88"
content-type: image/jpeg
age: 52485
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1668429549336&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0

185.89.210.244

200 OK

42 B

URL HTTP/1.1
ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1668429549336&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0
IP
185.89.210.244:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1668429549336&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0

185.89.210.244

200 OK

42 B

URL HTTP/1.1
ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0
IP
185.89.210.244:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549336&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

185.89.210.244

200 OK

42 B

URL HTTP/1.1
ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549334&if=0
IP
185.89.210.244:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1668429549334&v=0.0.20&u=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&st=1668429549334&et=1668429549334&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668429549338&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1668429549338&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=&time=1668429549338&url=http%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&e2e2a7f5-11dd-4dbc-8c74-964dc8d957ac"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 14-Nov-2023 12:39:11 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2430:u=1:x=1:i=1668429551:t=1668515951:v=2:sig=AQHkI4HskKabI8-vUXuGz6eeJ5YhC9ZJ"; Expires=Tue, 15 Nov 2022 12:39:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtbYa8EwJCURTRvyMR5A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 91D4A9AFDC1D4994BD9BBD04304423AD Ref B: OSL30EDGE0312 Ref C: 2022-11-14T12:39:11Z
date: Mon, 14 Nov 2022 12:39:11 GMT
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03459ddef8d88ae62546b7794c0f6e93
6d5e07a88581ae3649a2612d762f3ec271cc6084
d09e0a08be0dc4ddbda6aae4b57626afe1bc1410b15af8db9304340a3629d600

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D09E0A08BE0DC4DDBDA6AAE4B57626AFE1BC1410B15AF8DB9304340A3629D600"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8066
Expires: Mon, 14 Nov 2022 14:53:37 GMT
Date: Mon, 14 Nov 2022 12:39:11 GMT
Connection: keep-alive

s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w

192.99.8.34

200 OK

50 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w
IP
192.99.8.34:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
972e5bb98802869ee27a144bf2edf6ff
1a32bb73c3d61540606971d2091dd50d428c8c80
7651715a161dc69f2f9de3a68a8b71bc7a9b8cde16119ccb427ae172be512bb6

HTTP Headers

GET /stats/0.php?4203309&@f16&@g1&@h1&@i1&@j1668429549353&@k0&@l1&@mPosten.no&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-53686740&@b3:1668429549&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lmlenzitrasporti.com%2Fpage1%2Frola%2Fposten%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 12:39:11 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

0 B

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /EbSbCgZx9/deSF4q9L7K2hyw7ibh1M3iv06NbOLXRhYzLTkM+WOLkkVwS78hk+xjGbp+GoGO+y9E2hTy6vp7Q==
content-length: 27337
x-fb-trip-id: 1904183273
date: Mon, 14 Nov 2022 12:39:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=PT+Sans:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lmlenzitrasporti.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 12:39:09 GMT
date: Mon, 14 Nov 2022 12:39:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (36)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP