firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 22:52:00 GMT
Expires: Thu, 20 Oct 2022 23:37:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BaCftxxP6wt8FnmfcbCChRyQDP7e1hgAx2GwLkzAiP_OKTigSrFMtw==
Age: 950
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:08 GMT
Date: Thu, 20 Oct 2022 23:07:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8537
Expires: Fri, 21 Oct 2022 01:30:07 GMT
Date: Thu, 20 Oct 2022 23:07:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KC45CZ5XXwDdfvxS4RehDCmtLiS2PeLeRzEIjB8J9Ag0S9P290U3WEdB+9ylgCrxNl4+Zfa+D2Af91CiCa9cNw==
x-amz-request-id: 0EERBZ2Q4VEXB7VX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 22:36:55 GMT
age: 1855
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 23:07:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-includes/fonts/opt/
80.252.226.191 200 OK 10 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- PHP script text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3190), with CRLF line terminators
Hash MD5 bc64cfc68cd94c531cafe7e3ba0ede54
SHA-1 f094951ea6b41639cda204085ff9a3c062093647
SHA-256 e4bd788c40be87ff34522d9880e91bcf71ef034e4f8a1ccb42ccf9fa041610d8
Analyzer Verdict Alert openphish Singtel Optus
GET /wp-includes/fonts/opt/ HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Content-Encoding: gzip
Content-Length: 10096
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/analytics.js
80.252.226.191 200 OK 20 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/analytics.js
IP 80.252.226.191:0
File type ASCII text, with very long lines (1325)
Hash a8d5e06df793aa34009b792587610413
27cf8f84b9fa9330d9c535d0703b01945aba5540
7aa50b03c5dde9c0ab3a21ec6185f267d220c4edd10c5b5266405a9fe940bf47
GET /wp-includes/fonts/opt/css/analytics.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "c41d-5e3b6ac310500-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 20006
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: application/javascript
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/all-fonts4.css
23.38.200.195 200 OK 981 B URL HTTP/2 smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/all-fonts4.css
IP 23.38.200.195:0
File type ASCII text, with very long lines (368), with CRLF line terminators
Hash db32ac7df96f9ef941e90b86d9e516d2
d75a3e8501856fa4ce49e903615afe263d264d8a
024e58c8873d964f3be6af4ad8b04dd6b9a0e8fd34eed1bc1a868dc61f2c339f
GET /opfiles/Shop/Consumer/Assets/AllFonts/all-fonts4.css HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 21 Jan 2022 06:42:59 GMT
etag: "a02750-167c-5d611edfb22c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 981
content-type: text/css
cache-control: max-age=20410
expires: Fri, 21 Oct 2022 04:48:00 GMT
date: Thu, 20 Oct 2022 23:07:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 13b2ffd04752d468f707090604f6ed1c
94de24b43698a598b060edea68a4b1b5c6bf9879
98f0ad0db175ed53ed6b048cc4427f902c148adc378d833dcb8cd89d59397aad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/18ae682f
80.252.226.191 200 OK 27 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/18ae682f
IP 80.252.226.191:0
File type ASCII text, with very long lines (14360)
Hash c05c1e11c9c7b3f3dd6cc1fc15bcfa3f
32ae031ed77f4b22d65b37a449e804d7bd8c6bd7
5f8d78703eacfcd43e9157bc9d7f5e7c0b20ba06621cf8ec882b2cb9682b9f71
GET /wp-includes/fonts/opt/css/18ae682f HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "683c-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 26684
Keep-Alive: timeout=10, max=9997
Connection: Keep-Alive
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247px.js
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247px.js
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/fonts/opt/css/247px.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.googletagmanager.com/gtm.js?id=GTM-525H7H9
142.250.74.168 200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-525H7H9
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 17e30fe1b313a9c466e6f473a34ab71b
418af7db0bd6ec812bf8892d8b18a9d614fc86e6
ce504718f9ca99b5751e20ac7f439cd5b7d24d7a402f170e84f311cf63852296
GET /gtm.js?id=GTM-525H7H9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 23:07:50 GMT
expires: Thu, 20 Oct 2022 23:07:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247tag.js
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247tag.js
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/fonts/opt/css/247tag.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-1.12.4.js
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-1.12.4.js
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/fonts/opt/css/jquery-1.12.4.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 20 Oct 2022 22:43:40 GMT
Cache-Control: max-age=3600
Expires: Thu, 20 Oct 2022 22:44:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dfl89EpNgNhzzDsJ_wStQMNKciMTLQeZIW2xGZ9S-ippUT1ms6Gn3Q==
Age: 1450
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6404
Cache-Control: max-age=125140
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 09:53:30 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavDesktop.js
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavDesktop.js
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/fonts/opt/css/globalHeaderNavDesktop.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/modernizr.js
80.252.226.191 200 OK 8.4 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/modernizr.js
IP 80.252.226.191:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (3738), with CRLF line terminators
Hash 749ec6f33435e6285fa38109d65d3112
5f0d8afb9c4eaf34e6af8de921ab8844f6a5938c
8ffb2978b3070c5d17c29253443380932bee1eeb3284eff92e55678ae4bc4e54
GET /wp-includes/fonts/opt/css/modernizr.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "77f8-5e3b6ac310500-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 8375
Keep-Alive: timeout=10, max=9996
Connection: Keep-Alive
Content-Type: application/javascript
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavMain.js
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavMain.js
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/fonts/opt/css/globalHeaderNavMain.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 13b2ffd04752d468f707090604f6ed1c
94de24b43698a598b060edea68a4b1b5c6bf9879
98f0ad0db175ed53ed6b048cc4427f902c148adc378d833dcb8cd89d59397aad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/gtm
80.252.226.191 200 OK 113 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/gtm
IP 80.252.226.191:0
File type ASCII text, with very long lines (1600)
Size 113 kB (112575 bytes)
Hash 29e5aa09ed493ef60adc7049d18c1b9c
2e1824a271116c13f9516d2c1651d4bfb8b5141d
d4642910b397dc44c34f4e8ee0ccb2c4ec6e83a55ed50faec712b9e736074049
GET /wp-includes/fonts/opt/css/gtm HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "1b7bf-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 112575
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/FhBwcEk
80.252.226.191 200 OK 86 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/FhBwcEk
IP 80.252.226.191:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 95ed6677924852b9085a949341297472
dbcad9d1273a65c3cd7c0e08c7f7a8cbdde089f0
fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2
GET /wp-includes/fonts/opt/css/FhBwcEk HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "14f56-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 85846
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
www.google-analytics.com/j/collect?v=1&_v=j96&a=866316565&t=pageview&_s=1&dl=https%3A%2F%2Fecocalor.michelettigroup.it%2Fwp-includes%2Ffonts%2Fopt%2F&ul=en-us&de=UTF-8&dt=Optus%20-%20Webmail&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aGBACEABFAAAAC~&jid=473857071&gjid=1965497801&cid=71832969.1666307282&tid=UA-22088848-3&_gid=919567179.1666307282&_r=1&gtm=2wgaj0525H7H9&z=100649488
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=866316565&t=pageview&_s=1&dl=https%3A%2F%2Fecocalor.michelettigroup.it%2Fwp-includes%2Ffonts%2Fopt%2F&ul=en-us&de=UTF-8&dt=Optus%20-%20Webmail&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aGBACEABFAAAAC~&jid=473857071&gjid=1965497801&cid=71832969.1666307282&tid=UA-22088848-3&_gid=919567179.1666307282&_r=1&gtm=2wgaj0525H7H9&z=100649488
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j96&a=866316565&t=pageview&_s=1&dl=https%3A%2F%2Fecocalor.michelettigroup.it%2Fwp-includes%2Ffonts%2Fopt%2F&ul=en-us&de=UTF-8&dt=Optus%20-%20Webmail&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aGBACEABFAAAAC~&jid=473857071&gjid=1965497801&cid=71832969.1666307282&tid=UA-22088848-3&_gid=919567179.1666307282&_r=1&gtm=2wgaj0525H7H9&z=100649488 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ecocalor.michelettigroup.it
date: Thu, 20 Oct 2022 23:07:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
webmail.optusnet.com.au/css/headerFooter.css
104.84.152.187 200 OK 36 kB URL HTTP/2 webmail.optusnet.com.au/css/headerFooter.css
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65502)
Hash 7bf6d4616f35414f59dfe74b2e873cd3
e78a6efbc279e2e85c8cb7d5b5d65f5869902888
a3e9ca9db0a801a881aa7293ff67c9a0c4b60e6ad8b0749bc94706606c9700f3
GET /css/headerFooter.css HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Wed, 02 Dec 2020 13:28:19 GMT
etag: "12239d-582d7-5b57b37762e41"
accept-ranges: bytes
content-encoding: gzip
content-length: 36541
content-type: text/css
expires: Thu, 20 Oct 2022 23:07:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:50 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
webmail.optusnet.com.au/css/lux.base.8fba59704a65bcc34212ff1ef5e4708d.css
104.84.152.187 200 OK 51 kB URL HTTP/2 webmail.optusnet.com.au/css/lux.base.8fba59704a65bcc34212ff1ef5e4708d.css
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (51031)
Hash 4384b6a0b62d9982f6fe87be29cbc1e9
7501c812704905cc420a0bc0cce2b4b15991ac4e
fa70e99bbb1d75bbd317006646972e6cc10cb988cb161e7189a8e914b547ccb9
GET /css/lux.base.8fba59704a65bcc34212ff1ef5e4708d.css HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:07:09 GMT
etag: "38061c-7c9fd-5b4e5b9119140"
accept-ranges: bytes
content-encoding: gzip
content-length: 50683
content-type: text/css
expires: Thu, 20 Oct 2022 23:07:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:50 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash MD5 d1ffbeb517ba1da574add75a391651af
SHA-1 14c907d7662c380557299b1cc8549e2ba8d2218b
SHA-256 1e42bf84891c03e401c890f57a236b0d0a13578a222a9a621ad92dc81d7fdbc9
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2922
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/mob.png
80.252.226.191 200 OK 1.2 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/mob.png
IP 80.252.226.191:0
File type PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 746c5446544934459f95c61b1cce0f56
30a65f665997cad02775e7bb8f6946239c730bde
d4b023ef19903b8679087af12c0888bb945f320f9453aa4f351702dac09b0c2c
GET /wp-includes/fonts/opt/css/mob.png HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "4a6-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 1190
Keep-Alive: timeout=10, max=9995
Connection: Keep-Alive
Content-Type: image/png
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/tablet.png
80.252.226.191 200 OK 1.3 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/tablet.png
IP 80.252.226.191:0
File type PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash d71f2f87bee3b11e5625b7fb1305ee9f
d43bb7f610e19406b0db952f340b1192c9d92f60
75df7b13dd67f6b31092e2a72f963d1c77cdfa88938b4b45f3152330173e3f2c
GET /wp-includes/fonts/opt/css/tablet.png HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "52f-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 1327
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: image/png
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/macpc.png
80.252.226.191 200 OK 2.0 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/macpc.png
IP 80.252.226.191:0
File type PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ede4f453e5942b129e44e1cfb32a034
c32d46e6a89113297323d31849220f623f663bf3
1911f1118b639907dc998c8afd117af682ee15046693af74fb0ec3c82b150a85
GET /wp-includes/fonts/opt/css/macpc.png HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "7e5-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 2021
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8709f3baa978d291fda131e2f445ddda
987cf815a2d18b4aeb0a1047e9e7f8783dde6d88
b24f6a13ff0a1f888143ad742bf32a2b80e3d7f5a903d2e59e1dbfbf1a1a3e11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&gjid=1965497801&_gid=919567179.1666307282&_u=aGBACEAAFAAAAC~&z=1620163978
173.194.73.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&gjid=1965497801&_gid=919567179.1666307282&_u=aGBACEAAFAAAAC~&z=1620163978
IP 173.194.73.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&gjid=1965497801&_gid=919567179.1666307282&_u=aGBACEAAFAAAAC~&z=1620163978 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ecocalor.michelettigroup.it
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Oct 2022 23:07:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.246.187 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.246.187:0
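Hash d41d8cd98f00b204e9800998ecf8427e (this and the next two values are the MD5, SHA-1 and SHA-256 of an empty body, matching the 0 B response; not usable as file indicators)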
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R27qQo1CQ0YdBhoDQ7sP9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x838ZG2WAH9M0BKnObnyxyJNvDs=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8709f3baa978d291fda131e2f445ddda
987cf815a2d18b4aeb0a1047e9e7f8783dde6d88
b24f6a13ff0a1f888143ad742bf32a2b80e3d7f5a903d2e59e1dbfbf1a1a3e11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash 41b11f567d3f70db682a441ac93a0f2d
4ff2d20ce9ce9fddd6bf057e90839b3286e4c0ee
26661d516b0b7a5ee40581ea681866c77ff85660827bbb52915f63401140c0a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2917
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash 0bfaf57f960a2be919641c072f4c855d
9dc65802b22dec4e6ea6f52530bdf51c45968024
81b2699ad900a67e1511d5d9200958edb46c2d2ef29ac9f6c1e04984dd31615e
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2918
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash 2eec70fe495bcf46d009ebdfbd48e29e
feac8315f90cad95522b6a7571eab0da7b1c42a6
521c1bb11933079edd6f89c76c303ae494c6339ef9f2ad57b776cee50843a476
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2917
Keep-Alive: timeout=10, max=9997
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.woff
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.woff
IP 80.252.226.191:0
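Hash d41d8cd98f00b204e9800998ecf8427e (this and the next two values are the MD5, SHA-1 and SHA-256 of an empty body, matching the 0 B response; not usable as file indicators)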
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts/TradeGothicLTPro.woff HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9994
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
s.go-mpulse.net/boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS
23.38.200.138 200 OK 52 kB URL HTTP/2 s.go-mpulse.net/boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS
IP 23.38.200.138:0
File type C source, ASCII text, with very long lines (31985)
Hash cd84496512bb060357bd7e6e877fe2d1
90992f2c8c86540facb19e7ed4ab0ae3e4fdcda4
3b53bb627cec222cfed7c8c6ad8b68f869500bbd4231f4e1ed67358ae74fd5f6
GET /boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:15:32 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 51580
date: Thu, 20 Oct 2022 23:07:51 GMT
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash e30ba8030b5457f569081f08f1158955
4b2540cd8050b334585f40d0ab43839ce6a49171
0d9f1832ee60c6cf424e8384698d7b87f4cc77ec0c21f40467f9705c93ceb5e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=10, max=9996
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash 776e60da03cd412ed46ac89f4c4bb463
13d5f2584cc90bf0fb06204dd32e3f254296ffd0
e9258879cfc3f7dfbf7a5bc1abef33c080ab7d8698e6454bb304502a900ae190
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2921
Keep-Alive: timeout=10, max=9997
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
smb.optus.com.au/opfiles/ys/online-style/images/logo/logo_optus.png
23.38.200.195 200 OK 1.4 kB URL HTTP/2 smb.optus.com.au/opfiles/ys/online-style/images/logo/logo_optus.png
IP 23.38.200.195:0
File type PNG image data, 84 x 17, 8-bit colormap, non-interlaced\012- data
Hash 261efcd6f96789f44e5d68ec4f70e7cb
01103070885237bc27ea96b0364930613d19c993
6f7079f7f44f2ef5c07100f61ee2843c1c3720158e62a1948c186f00c882b8aa
GET /opfiles/ys/online-style/images/logo/logo_optus.png HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61a72-780-535f1e3375cc0"
last-modified: Tue, 22 Sep 2020 19:27:06 GMT
server: Akamai Image Manager
content-length: 1438
content-type: image/png
cache-control: private, no-transform, max-age=2404654
expires: Thu, 17 Nov 2022 19:05:25 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
X-Firefox-Spdy: h2
webmail.optusnet.com.au/css/assets/fonts/lux-icons/2d0e6ce5791dcb72fd35df708136be66.woff
104.84.152.187 200 OK 58 kB URL HTTP/2 webmail.optusnet.com.au/css/assets/fonts/lux-icons/2d0e6ce5791dcb72fd35df708136be66.woff
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 58352, version 1.0\012- data
Hash 2d0e6ce5791dcb72fd35df708136be66
cda7b1fbf8c5537a46c531971179e41c58200b9c
8855f50a2c19e5186a498b2cfd5a21f20e6e71e16ecfb8c396b1af3f9bb8e9db
GET /css/assets/fonts/lux-icons/2d0e6ce5791dcb72fd35df708136be66.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 04:03:26 GMT
etag: "3e07a3-e3f0-5b4e6825a7f80"
accept-ranges: bytes
content-length: 58352
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=957F7EB4ACD994E5519CE3D11D574DBE~000000000000000000000000000000~YAAQt5hUaDa+6++DAQAA3iqn9xHK+O1ePyopV5ePg2k5gbX0mA1xyRDArbP0X7T6bUcfCw+Vk1gROOJ7o21KlD4/3B5D6VFsUaGZvqJqfpPxm7uDX66M7zQ67/RHgdDDGOcFNlLh0xGSJAbZ7+Ghn5WsOnCN+YI+3jRSTHCy902Yw3w2j7aDc4Aqs9/2u5KtzaLRHQeFNC9StFbgiDxIayuuUpgpaW6QepAmV+PX50QHX8nmOtZpEmIHhgrDXmwMgxslXbgTS8xGTwbI8IN+b4HYtuQS1E31CMNvKGl1kjv5Z8BNylwwJji3RSor9b+VDZODTq7va5kCbaC2xq5lUQ+Dii0X0A5SqHxR87xJF529jsSGhPmfGZxEUMop9hoGs5FmsmGcdhkcz7iIuwU=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
webmail.optusnet.com.au/css/assets/fonts/markpro-bold/507b76aa0351c57ece90f02239b62ba3.woff
104.84.152.187 200 OK 68 kB URL HTTP/2 webmail.optusnet.com.au/css/assets/fonts/markpro-bold/507b76aa0351c57ece90f02239b62ba3.woff
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, CFF, length 67824, version 7.504\012- data
Hash 507b76aa0351c57ece90f02239b62ba3
ed8f2b819f5e89eba31a38f405860c83a2578596
06e6ac46fef95be90de802cbf8f07aefa9d2c9416ea8e32bccef5d526bb96e5f
GET /css/assets/fonts/markpro-bold/507b76aa0351c57ece90f02239b62ba3.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:01 GMT
etag: "3e07cf-108f0-5b4e63cea0240"
accept-ranges: bytes
content-length: 67824
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=854341867F841A832EEFF53FBB53D2F8~000000000000000000000000000000~YAAQt5hUaDe+6++DAQAAAiun9xHRUHk3+SCK07xR8fhmd9kA9qFBGtkdLp88QQMROzTO+ud35XjYTpm0tCVRKNAWqyzrpdcP0mtrk5xxw0lnylXDtwDFIUA0tu4GlmG+6mWrWe2J0GyXp2X/OeASfot84NXOh0u/TfbwyE5ijfiNXNjqbb/vRBPshQCuOjxzcWM03K5XkTlm9CPiAowLcPOxXRGe6sP6kTV7foF+7o9KHU8MLKmTCH+pXt5c12XNLhDShNa6tiUKTSxPlY4/odM8nnMqoX7uUlddJ1VfGVdGbDaXyajdNx/CEkFFh760BVpNL1IY3vl6I0QlF0uAbf5Do6P0ZFeUA7/Fduw+z6/WmXMJUqptD6/EZ8d1i0Ex/IR5UoqEbw8kNxUwCO4=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.woff
104.84.152.187 200 OK 24 kB URL HTTP/2 webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.woff
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, CFF, length 24100, version 2.0\012- data
Hash 8f94edabe8c022fd046b4cac75b9e7d4
210d10865330002b4f80ef523bf6dd24db853e39
abdf7b15897f5c4cc2df8a0ec80bb7af8afba3f018eccd88bb6eaed68e8c1e42
GET /fonts/TradeGothicLTPro-Bold.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 07 Sep 2020 14:46:42 GMT
etag: "38075a-5e24-5aeba49709ecb"
accept-ranges: bytes
content-length: 24100
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=6AB346AE985E2A5C0414EA5694007418~000000000000000000000000000000~YAAQt5hUaDi+6++DAQAADCun9xHVI+MRgjB9vHCp5OBJVe9/S0gYykSROKLFb1EvIjcAzLM4lhO/zaG/2fu42CxEvtaKTkpWsCFmEdHam6ieL2MARs5r40lWaxN3v1fCenKag2FWpYRMSL+VvpPTcMkHHTS3EzkBUpqD1jK5EX0eEKIWskWOLt0ScDIqVBQIDkG5MvRdtT/b+8vNKkIAU9qKSGb6b1yc4UliRtgqDZOajx4prHOvMsLwx7O8+9uzyi/7R9CBT6F3yq41gS4Vwg041hW+6CGqMvecU2F3Mq0jMnXb49nn3vfSE8+P5SkAePCsAQZfp1zhWB4Zxkrv9jIQM6d/9ze/5CkFaU653IwxMv65ZWW6Q9thCQNOBRyy++9O1FbyOWL30OkphTs=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
webmail.optusnet.com.au/css/assets/fonts/markpro/ee10f7196c1b125a3b8222341465bf5e.woff
104.84.152.187 200 OK 67 kB URL HTTP/2 webmail.optusnet.com.au/css/assets/fonts/markpro/ee10f7196c1b125a3b8222341465bf5e.woff
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, CFF, length 66552, version 7.504\012- data
Hash ee10f7196c1b125a3b8222341465bf5e
58a1d6aeb83e74b3a9e0eda8ad4daf3f1f1f387f
7b1443ccd9f5702ad832d5f8f58cd7955da80b6be466208e37900863097dbb12
GET /css/assets/fonts/markpro/ee10f7196c1b125a3b8222341465bf5e.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:01 GMT
etag: "3e07ce-103f8-5b4e63cea0240"
accept-ranges: bytes
content-length: 66552
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=8D6BA49CF01A312B176572EA541B8960~000000000000000000000000000000~YAAQt5hUaDm+6++DAQAAFCun9xHjvmAHvgqMO+C9l9jEwYneINRHr8ekwS41ACZPman14kaPKLVYewEWP7AQte0Usz4hj/lYbnDN5UB9L0pmnaHXVuW5NiCHg0LKBRWoHBqgZkhp5bdEM9uy0YEOAoaQGqjqa0Ij6Ea3fpvo7o1aBzQTSu3Wk6XnOa/3A7t+y4RmowOr7IPGevP0mJGZxcLVShJBWlt8V3Gte4yLrw+LSSFQ63vtos761+KC6gmVpr5khaLyxA6LLuhX+U/EI7/k/3W/0zKymzSki70P2QxRb8bnJR/dZ0LEawF1U52p+jLQ2ReQuLCK1+Mp8qzrDgpiIaAteBnALzEpbvm75uO/aW3f+D+2TtVT1zqWLLN5afQXuRdv/X6YYAn1IPA=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash c54b295aea8a4de4833705c1cba3760b
8b5e26f95e933cd4be75621a8ca8745a6f733863
c7ffd30b9d1d5649167bc8ad857bf076de23a46f5649c0a065baffdf863d5072
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=10, max=9993
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ecocalor.michelettigroup.it/fonts/optus-icons.woff
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/fonts/optus-icons.woff
IP 80.252.226.191:0
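Hash d41d8cd98f00b204e9800998ecf8427e (this and the next two values are the MD5, SHA-1 and SHA-256 of an empty body, matching the 0 B response; not usable as file indicators)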
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts/optus-icons.woff HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9996
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.ttf
104.84.152.187 200 OK 22 kB URL HTTP/2 webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.ttf
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type TrueType Font data, 15 tables, 1st "FFTM", 34 names, Macintosh\012- data
Hash cfdb5ba9409879d9074dd348b0c55f92
700119f9abe7625a466d39a2f0607d22ce12f84c
da7610cafac818ab5f205486522bda0fa045e8ba770287b38ec074777f219631
GET /fonts/TradeGothicLTPro-Bold.ttf HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 07 Sep 2020 14:46:42 GMT
etag: "380758-b908-5aeba49709ecb"
accept-ranges: bytes
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
content-length: 22200
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=3A7DC045B8803CC1A9B00DC6C5E6AB17~000000000000000000000000000000~YAAQt5hUaD2+6++DAQAAdyun9xEIzYnv7pdEBCHiHPTfm+e3EJkywAMcFCSNSX7l8HpwqxabjtCBZINNJIqaujCGXqrZpZuN9qe728A+mmF7reJhK/RXXQ/gSpJhcHzmR64p4WUJfgjkIQrQdUk/pcVMHIXBTAMvHvaijgdVG47z9sa6Y/mgHXAVVrzMEeJT6+j9lkyy21FNu1GBPS6ke8/717ijcASHRbHs/CxH356/BmWw1fWlZq1WPS7B7e3cT9s9sUijrvVlUH9Ib1JHg46snfGODIru/v8BINGanZdMjEeSgv5hDAY2r9HtcaY+fkfuhOHwtqNwjR8BP/c3dSgEwqSVhURl9V7YdM5w3XGFHEkpuL58iSeWMZyR+oF97GTQhMvbObDidJx9IqQ=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/optus-icons4.ttf
23.38.200.195 200 OK 24 kB URL HTTP/2 smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/optus-icons4.ttf
IP 23.38.200.195:0
File type TrueType Font data, 11 tables, 1st "GSUB", 16 names, Macintosh, type 1 string, optus-iconsRegularoptus-iconsoptus-iconsVersion 1.0optus-iconsGenerated by svg2ttf from Fontello\012- data
Hash 3ad802f9f1d8233b0f22d017fd0ea0a7
a9bd66bc31fee3718f9279846c16dd937a018409
a6eb28bea76265b388497a8a156cbd15e192cae11ff026a77e21e8330e67e5a1
GET /opfiles/Shop/Consumer/Assets/AllFonts/optus-icons4.ttf HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Mar 2017 05:17:39 GMT
etag: "18301a-9e0c-54b5efee542c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 24359
content-type: text/plain; charset=ISO-8859-1
cache-control: max-age=28757
expires: Fri, 21 Oct 2022 07:07:08 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.ttf
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.ttf
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts/TradeGothicLTPro.ttf HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9995
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/lux-icon.f3b05436332f1b3b6e43b84b30eb59d6.woff
23.38.200.195 200 OK 24 kB URL HTTP/2 smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/lux-icon.f3b05436332f1b3b6e43b84b30eb59d6.woff
IP 23.38.200.195:0
File type Web Open Font Format, TrueType, length 24040, version 1.0\012- data
Hash f3b05436332f1b3b6e43b84b30eb59d6
cdeee7ddf5a41722ed3a06b57c30d0fb188bd024
fd79a7fea081166cdd9eeeba41272a4c9a34c335f29dddb752e136efb04612db
GET /opfiles/Shop/Consumer/Assets/AllFonts/lux-icon.f3b05436332f1b3b6e43b84b30eb59d6.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2017 22:55:27 GMT
etag: "18300a-5de8-54ae0f4fe75c0"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=4449318
expires: Sun, 11 Dec 2022 11:03:09 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
content-length: 24040
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash ec173c94b7dd732ecb7bc319b9951054
022543405f00bd435199dfa29f2bd33af006a7e4
e6802d8dde98e5878a30c9f9c1a487f39033622ff46cd95f838df2837d6a9e75
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2923
Keep-Alive: timeout=10, max=9995
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
webmail.optusnet.com.au/css/assets/fonts/markpro-bold/b36bd0abdbc7fa03aa4a74b044f01b41.ttf
104.84.152.187 200 OK 66 kB URL HTTP/2 webmail.optusnet.com.au/css/assets/fonts/markpro-bold/b36bd0abdbc7fa03aa4a74b044f01b41.ttf
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Hash 0612e65313c05c690a2c75acd8b8a8a7
b4237c92117860d8782a06e55eb59612a514448e
c447635573c6e9562add915ebd964e98f042d421662893be857eff91c45963fd
GET /css/assets/fonts/markpro-bold/b36bd0abdbc7fa03aa4a74b044f01b41.ttf HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:01 GMT
etag: "3e07d2-24aa8-5b4e63cea0240"
accept-ranges: bytes
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=1CBF93416E1DE2773E3BA624DF5B84F7~000000000000000000000000000000~YAAQt5hUaEC+6++DAQAAeCun9xFiTpBq85TsruBInonYptcx2A95FJ/vRXcm1iqrog5U4i48Uejloh4G7gSQ9cHCR4JDCGKrNgS+32+CL7WxkiIEPnDlnAhfCOhv7UvJewGL6G15zLmbGZCFQfoIAc6SnDCvMaZj4B42mqwtGStO+rxuTzzPxIdkehoPxaaRo9RwR2kZUzE6jCYDjD+AbrwIQDvIawfYverzqe5rExtvyNHiFvfL2ZNasJam34G17lLRpQC3WiRIevLAqD8oNF0vvE/Qg+K9aihyLJFu3hvHvbF2Au4JzxXQHuNpMWF/Y6Bj2E3ke5VJW12x92N8cKAgnl4KIu4up72sXfIasYklWINQNaAHHfa6mSBXbN54RQqGNXCp0Xh1rX+p4X0=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
c.go-mpulse.net/api/config.json?key=PC6VM-4FQA5-8HDKN-MYG9N-T5BRS&d=ecocalor.michelettigroup.it&t=5554358&v=1.632.0&if=&sl=0&si=z9arzyjvtkn-rk2qxf&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=647240
23.38.200.138 200 OK 51 B URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=PC6VM-4FQA5-8HDKN-MYG9N-T5BRS&d=ecocalor.michelettigroup.it&t=5554358&v=1.632.0&if=&sl=0&si=z9arzyjvtkn-rk2qxf&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=647240
IP 23.38.200.138:0
File type JSON data\012- , ASCII text
Hash 0c31809e4fd33a86721fb9b52fc97cb6
2c65ea77e432a8df5d43cf74564139a1830943c9
e5d7255215c2de4586458722f3bf16f0d4f2be286be48d45b2fdff258d434407
GET /api/config.json?key=PC6VM-4FQA5-8HDKN-MYG9N-T5BRS&d=ecocalor.michelettigroup.it&t=5554358&v=1.632.0&if=&sl=0&si=z9arzyjvtkn-rk2qxf&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=647240 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Thu, 20 Oct 2022 23:07:51 GMT
Connection: keep-alive
Content-Type: application/json
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash e9a4b174df4b26e01b10d160925e005b
23dd9cc616d8a2b7a5275cf12c3dbe4ceb64e134
2dc77e4c0e883d9cd10dae2f1b50b84c9310faa6e562220f189a6a066035a4b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2919
Keep-Alive: timeout=10, max=9994
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
webmail.optusnet.com.au/fonts/TradeGothicLTPro.woff
104.84.152.187 200 OK 24 kB URL HTTP/2 webmail.optusnet.com.au/fonts/TradeGothicLTPro.woff
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, CFF, length 24000, version 2.0\012- data
Hash a82ff9bc3d36880ef95c322c31465b76
b362b3bdbddffc032b271be74a596562b36fb4e6
0e295e739425866834aa396daa3334bc878c6f72da205fe317ecc3ff749d9f0e
GET /fonts/TradeGothicLTPro.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 07 Sep 2020 14:46:42 GMT
etag: "38075d-5dc0-5aeba4970a2b3"
accept-ranges: bytes
content-length: 24000
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=A1895EDD26EEA81AFF2BAC537464183A~000000000000000000000000000000~YAAQt5hUaEa+6++DAQAAGC2n9xGncb4q9qhpnoslIonpEOwES4zO0QVm2Y7uujTzpghC9Rhxf1+S3rhsjeEexGMcTXuq4Z9N5IpPjuTMct1MHOZ438fwKtXCangfKlKw7PWstxslRjuX1wCGQS2wTWREjXSdIzDXTOZXpVfvryQT5YIXDFBsEpM6Kyhp4Hbn33GUlJi2534uQ8FFV6MLAOh1SSwregVUsoEUwINSDyZTeqb32y82ZGsg5krOvV89XZ3Gc7LfGcKMDGUJIzf1QBRvewCicrwX0qSyVKWpWolGjzBf9gTBHH8G+JC/jYab4IfkFZ6rQvorjxbKu6QP4L2iftRoB2+AXOkdV2gxyHMsAOwKARHysThu1qS5StGulHVzZMzafwdqxfJJd28=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/MarkPro.woff
23.38.200.195 200 OK 89 kB URL HTTP/2 smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/MarkPro.woff
IP 23.38.200.195:0
File type Web Open Font Format, CFF, length 66548, version 7.504\012- data
Hash 42b95416cc7461159de6d4b82879d5b9
95f13168524a16ddd107dccf682b433debe4ac92
7f9a444b94772328d76ff762787e95b4ad12582fd5f4e690796ddf3d94790031
GET /opfiles/Shop/Consumer/Assets/AllFonts/MarkPro.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Apr 2016 05:01:15 GMT
etag: "a00cb9-103f4-52f6544bd1cc0"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=14797571
expires: Mon, 10 Apr 2023 05:34:02 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/akam/13/pixel_18ae682f
80.252.226.191 302 Found 0 B URL HTTP/1.1 ecocalor.michelettigroup.it/akam/13/pixel_18ae682f
IP 80.252.226.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /akam/13/pixel_18ae682f HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2670
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9993
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-medium.woff
23.38.200.195 200 OK 125 kB URL HTTP/2 smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-medium.woff
IP 23.38.200.195:0
File type Web Open Font Format, CFF, length 63644, version 7.504\012- data
Size 125 kB (125344 bytes)
Hash ecb4204ec0c85cc6f28b7c4212a9ec3d
1220344ed454dfcbd1aea96563fda7dfc2a26e40
cfd8077706219799a7b8d457be4691de0492b56f682705b0c4657444e44e7c39
GET /opfiles/Shop/Consumer/Assets/AllFonts/markpro-medium.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 06 May 2016 02:33:43 GMT
etag: "a00cd1-f89c-5322349906fc0"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=4028131
expires: Tue, 06 Dec 2022 14:03:22 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
webmail.optusnet.com.au/css/assets/fonts/markpro/19a3ebc699884aecee079593432d97c3.ttf
104.84.152.187 200 OK 71 kB URL HTTP/2 webmail.optusnet.com.au/css/assets/fonts/markpro/19a3ebc699884aecee079593432d97c3.ttf
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
Hash 16a0f17f4cee84808ca8b670815767e2
d1d4b232eb94297ee019d66c914debf1a80c7122
13fadf5f8c0932e64bdd360fdf7223344223fd7509a513f5b46c24d3406acda1
GET /css/assets/fonts/markpro/19a3ebc699884aecee079593432d97c3.ttf HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:43:59 GMT
etag: "3e07ca-24718-5b4e63ccb7dc0"
accept-ranges: bytes
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=8D7D9F32BDBE04F0FD8758B3F44631AD~000000000000000000000000000000~YAAQt5hUaEG+6++DAQAAeyun9xGhZ14sDPFDIAJBAW9+qFGIAxI5zFdmuU7oRdaT92lMn9QkmjxBDg6qb9Bpp2qBFSpm8rh28NfiF6TCK2kQOwX8QIRpI3j8m0rHjGNYBlfHZtThIF8VL/UOK4iK4xptpPcPG4aamfZfH1Ys18QP24kSjoBEvkaR+S5d41NNhc6d7vzSkn2ndb3rqr5ngI8ZOaxE4RN8Tpc72xdL0WJ+Jq+kJaOorcfsEP4kBLQSHBw6EW9K0X2TJnkv+9ZCEVsaFZT39wPzyMQ2zVPy/a55HXq4ixy2kuQ7Qjt/e9T7J42OV2v9iXF3NBfaWmx9yt7zyoc2zcBfMphsg326Ek54V9snkFcGXkjS5Hn3/Spv99iyu/DPZWoS8KLMvms=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
ecocalor.michelettigroup.it/wp-admin/install.php
80.252.226.191 200 OK 2.9 kB URL HTTP/1.1 ecocalor.michelettigroup.it/wp-admin/install.php
IP 80.252.226.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash 4af6ffa3042984e1276e00e004dca30c
feb72d7280ae54cf9481c2723f4dc41740fe591f
44d4608dce462c8b42411af2a27e4f711f33d128a6f1faaa0b1b7a13c5c98b43
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:52 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=10, max=9992
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9f4b1d3c4fdfbd28fa4afc92115bd9f9
365125fe68f668bae6f3c13ef21d92bb00783ebe
92ea3ab34acb6f2464ef06496365dd1a54767519d3429346849898739bf05bb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f0b55633a85caa84bbab66d84cfeaefd
f26db3965219030d152064bc0893b6e2bfcb4957
6f74b2dc627a54e47e4f1ac97fae03d25e5557d2b7e6efd4856e929788e9f956
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:07:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:07:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f0b55633a85caa84bbab66d84cfeaefd
f26db3965219030d152064bc0893b6e2bfcb4957
6f74b2dc627a54e47e4f1ac97fae03d25e5557d2b7e6efd4856e929788e9f956
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-heavy.woff
23.38.200.195 200 OK 138 kB URL HTTP/2 smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-heavy.woff
IP 23.38.200.195:0
File type Web Open Font Format, CFF, length 67808, version 7.504\012- data
Size 138 kB (137651 bytes)
Hash 10b53bc387545537691755c39b5221ef
08f55b7ecf0a58ee031fe15704d40415cf3982fa
309e9aea7fb3ae0211c35d44eedbd69e1b5dc233af7a028ac4b3297024201991
GET /opfiles/Shop/Consumer/Assets/AllFonts/markpro-heavy.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 06 May 2016 02:16:33 GMT
etag: "181e89-108e0-532230c2be240"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=4477114
expires: Sun, 11 Dec 2022 18:46:25 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 23:07:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 23:07:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 23:07:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9092a9add4d42e5bd0fd11c1459b5c69
4055fbef2d5d4e27a1d88ee293552f7742914390
b07359415e41671b4eb74c0d253d36f99bd2b40f6223bf4915bb11d2086af571
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8859
x-amzn-requestid: 8ecd9a22-fe28-487d-b01a-a818eb874d6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsQ9Es8oAMFiVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0d2-6cd9f84f1fe795e5758d2527;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:42:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fdnNzqN_Gw5Ysi3SdxOkqc2GfZwR3ORbXsjy64hkcxXhSWx8MpHaOw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:24 GMT
age: 4648
etag: "4055fbef2d5d4e27a1d88ee293552f7742914390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b772335d96ac97ec5b28623955fb026d
7a19bf011359ad768b05dd79cec66787d2dc59fd
c13e7384880ec6fe431f3627eb61529c7fdb934cf0b021b4586ff2dc1c2e1244
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4786
x-amzn-requestid: 263fe384-2385-48c4-b250-1708a3cdd710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKKFOYoAMF92Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-46dfbb85286685373b0b5e77;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xdusXhbeR0jyonK4NDRdcAGEDLLLJ5rL1X3u4seqIpfGaw4yIN5LEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
age: 4664
etag: "7a19bf011359ad768b05dd79cec66787d2dc59fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
34.120.237.76 200 OK 2.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 10:13:37 GMT
age: 46455
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c6ab9a31e082a0c0eaab2a0f526495a
c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a
ca3a602c8af7b3e87957e54910663ea2bb72d008e14719af0f9fd7bd1a949f3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6551
x-amzn-requestid: 4deffe4d-e687-436e-938c-f8128bb84376
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_MG5QoAMFahg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fa-66d4e2210fda5a80155f2466;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5ilfg4GVL-HvWbuZrvFkZynDNCZDiBVNTDWjLdr2ZCLjH04NW3yqw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 07:30:12 GMT
age: 56260
etag: "c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92376b39b83dbbd4e18725ffe338a348
9a9fa707f507d0c9db15f422b29e1ea4baff5aff
5dca893e682d31f6ebbd01f2f587bb5374c0ccc23d81a99ccae38c02db86c166
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11799
x-amzn-requestid: 99c0ee76-b0c5-47fb-bb88-8f2041c14013
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-UF2mIAMFh4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-386fb3157e4b63af7899705b;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhRt-nFYnea2frKiWBGu6akrGHom67TzZU488Otjk40lEFMWpuaNWA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:49:07 GMT
age: 4725
etag: "9a9fa707f507d0c9db15f422b29e1ea4baff5aff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef2bbeb80f3b5ed8230377024febf22a
542d0ec1eb9ed3805327a415606dfdaebc760650
b05e48b03380a0f57cafd7e78682cdf78b087de20a8af3f9e83b286c3df27e19
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5748
x-amzn-requestid: 43155cec-36ed-461c-80d8-4dd55a74f622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLHLgoAMFrpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5dc550c8214d049c6319189f;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hEjyTWJG-5hG2_dT0-lhuJ6LH846ls6-wLEXM-tfnXZQfmgP8ERdbw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
etag: "542d0ec1eb9ed3805327a415606dfdaebc760650"
content-type: image/jpeg
age: 4664
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
webmail.optusnet.com.au/css/assets/fonts/optus-icons/3b871fdce18529649ee34f0a03b9c4a7.woff
104.84.152.187 200 OK 0 B URL HTTP/2 webmail.optusnet.com.au/css/assets/fonts/optus-icons/3b871fdce18529649ee34f0a03b9c4a7.woff
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
GET /css/assets/fonts/optus-icons/3b871fdce18529649ee34f0a03b9c4a7.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:02 GMT
etag: "3e07de-20284-5b4e63cf94480"
accept-ranges: bytes
content-length: 131716
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=E7330D4B2640AEF690C54D70BCC94837~000000000000000000000000000000~YAAQt5hUaDu+6++DAQAAXyun9xEiylWlUoLODZ/XD7Re03QtsqyXveBC03xc2iuOyqh2lvsFU4qCU9vadjLBQUGMIwJvs+QAWVSrjVY4WTdJ52X8dMcAObAMnh/g2JGYKA6sI/Tn2JcTWY1t5vgWJqmXi6sVB8LxNPIOoVWWddLGsPJGMO+3UIw82yy+lmd/lKRi3PanS+eRB9hGAUWN2KhSIaPAL2hv5ovdTnvQBxqVNCWWY+AlLjSV4TdGSHlp9k5meD8qmOHUElHpbSpIWNZh4BMTnYLrlvNkeJLFnwxGxWIoYiAeTubMYvO19/QG5tNJnxPxiUJCtb0xcaJ54d8Ogd/Ori8n17YziAjrpnYCDSnG1wXbyrvX3JkOKjzwmSD68v1qwNTaPXnzdeA=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2