20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
20.199.19.234200 OK 33 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 33542cf4a402f40958ada75ee3dfc907
b2a08709cdc9885564a83a81f1028722111932ec
202290836ffd863ebd78380f9c3aa7933b11fc4e286415cbcb82128acd8d0679
GET /dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:14 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash cd8d0809aa5948f2a6ee41d2158861af
098cd24ac587cdc70137af412678526de4d43969
88e6741d6bf076bf7132c7cf98456702cc775476095aafd839888edff52fb03e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Alert, Retry-After, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 20:53:04 GMT
Expires: Mon, 24 Oct 2022 21:02:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 51k-tPlXfBKulSIHHvb3lh7KmaRg42Xa8YP4BLf4P-KMS-Bw099yJw==
Age: 970
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4405
Expires: Mon, 24 Oct 2022 22:22:39 GMT
Date: Mon, 24 Oct 2022 21:09:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8395
Expires: Mon, 24 Oct 2022 23:29:09 GMT
Date: Mon, 24 Oct 2022 21:09:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WyOVRjhna/PNC0EZzs2dwxtRWvlfUdJPYz4KbP9PFQWLV6mtY7Z9iNAnfYyQXIuhSYEhWpdUPuQSe6Cfa809eA==
x-amz-request-id: MJ0NF15AS54YRR30
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 20:38:31 GMT
age: 1843
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 21:09:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
waust.at/s.js
104.26.5.7200 OK 3.5 kB IP 104.26.5.7:0
File type ASCII text, with very long lines (8514), with no line terminators
Hash 7ba20d7d8e8f534a8d4b3e4848ba40e8
9757fceb751a25322b2f62ae9e8b9918add51baf
8351897e53bf4e0419e84c7a50076de46c03faa8a16baed3cc999374bf95c0db
GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 29 Aug 2022 18:12:58 GMT
etag: W/"630d01aa-2142"
expires: Tue, 25 Oct 2022 21:05:30 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 225
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiqpF7i4ThQ15QXhQ%2FJXscz6YCB8nlOlBsA3UIun%2B1EmuJCAxRckxCWgOM%2BkoEQELnjHlVDerxcvyj%2BjnPEidKgMq5mwE38PlE%2BajVH7FujaSkHKQxRnjI8G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f5b141b8501c06-OSL
alt-svc: h2=":443"; ma=60
20-199-19-234.cprapid.com/dpd/program/layout/applicazione-carburanti.css
20.199.19.234200 OK 13 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/applicazione-carburanti.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (13244), with CRLF line terminators
Hash 14b9439c8d4a7f8282a1eea47e9c3566
e799f0774d9aba5e010b6c1b694e16be44ec890b
1de9e9c15a3d6641f8466ac0d8a2f861be355f0dcd94dceab8e202b9bad9b784
GET /dpd/program/layout/applicazione-carburanti.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:18:52 GMT
Accept-Ranges: bytes
Content-Length: 13433
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/slick.css
20.199.19.234200 OK 2.2 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/slick.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2031), with CRLF line terminators
Hash dd0b3483b8e2001f321463eabccf9ba9
6556b6bf6c2fdd9d9b149a1c7ebd005c3a9b7889
587145223d451023581d76c024aa8ade1377b05679fe11fb9e7cb9b83946f049
GET /dpd/program/layout/slick.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:18:34 GMT
Accept-Ranges: bytes
Content-Length: 2200
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/MappaDoveTrovarci.css
20.199.19.234200 OK 11 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/MappaDoveTrovarci.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (10575), with CRLF line terminators
Hash d10418be05871fcc5f56601b59f7ba3f
44195f61f0a25f349533a4f2a50b50b292eb8546
c455f42ffb8f81a00cfd23f90f90e5bedcc12a925b3f4cfdddcf8afbbe96a0b0
GET /dpd/program/layout/MappaDoveTrovarci.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:19:05 GMT
Accept-Ranges: bytes
Content-Length: 10756
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/jquery.smartbanner.css
20.199.19.234200 OK 4.3 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/jquery.smartbanner.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 14f0217f02d3a327d0f86bd53fd8fa93
e96b13504bc89ef639503745934a15ab277339e1
bef5f7460dd336051731e6257746851d2e05b92de405e29d47f289e5dc23754c
GET /dpd/program/layout/jquery.smartbanner.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:45:27 GMT
Accept-Ranges: bytes
Content-Length: 4333
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/rintracciaspedizioni.css
20.199.19.234200 OK 10 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/rintracciaspedizioni.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (398), with CRLF line terminators
Hash 8812f7dea3e4adc4e9f94427fb163f41
3b9784754a9f52afabb0136aa80234b693045979
95ab5ef358d256072057bcd234c85fa1ddce349177a5166def5594f5f25248f6
GET /dpd/program/layout/rintracciaspedizioni.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 08:37:02 GMT
Accept-Ranges: bytes
Content-Length: 10039
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/bootstrap.min.css
20.199.19.234200 OK 156 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/bootstrap.min.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65319), with CRLF line terminators
Size 156 kB (155764 bytes)
Hash 8fe70898895271ddc62823321011273a
60f0159744e3b554a45da027f9e7faa992aed71a
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
GET /dpd/program/layout/bootstrap.min.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:10:54 GMT
Accept-Ranges: bytes
Content-Length: 155764
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/FlexJS.js
20.199.19.234200 OK 22 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/FlexJS.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 760043c02e5ad8250143432496cb1e95
43c58bc8327c95b2882c6166158ab229f69dc20e
32095cbb818303a76241a875198b459096fcce979d54e0f2775433a42b4063b3
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/FlexJS.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:56:14 GMT
Accept-Ranges: bytes
Content-Length: 21782
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3e1bb48ebff0d9bf38d970a507a77938
2c4d3493a2d5e64ff86caa9d9f34f5164561a899
ea3c5e3f160b392dca3d5ef017a95ebbe9559e22658af0f8a7d42da34a69055e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6225
Cache-Control: max-age=142879
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Etag: "635671c9-117"
Expires: Wed, 26 Oct 2022 12:50:34 GMT
Last-Modified: Mon, 24 Oct 2022 11:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20-199-19-234.cprapid.com/dpd/program/layout/DropDownMenu.js
20.199.19.234200 OK 2.5 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/DropDownMenu.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 7b48c7adc759259273d1a9b110c9d34d
cb00a61719d0523efc21192e18705bcb0cf568ed
c5b60596c83a6a6ad571510793a32790545ef1a90a6e3f8043fb738d28cd3d39
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/DropDownMenu.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:57:04 GMT
Accept-Ranges: bytes
Content-Length: 2528
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
20-199-19-234.cprapid.com/dpd/program/layout/all.css
20.199.19.234200 OK 174 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/all.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65389), with CRLF line terminators
Size 174 kB (174337 bytes)
Hash 2bc4fd8f7766f129c10c2dd8f935e745
f2e023c433f91a57433bb446345f24130f102415
c0d22cec83d6202205c0c4f032831100c6d7c9fc65d949c8bae6ea0f3ee39516
GET /dpd/program/layout/all.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:11:10 GMT
Accept-Ranges: bytes
Content-Length: 174337
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/slick.min.js
20.199.19.234200 OK 43 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/slick.min.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (42862)
Hash d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/slick.min.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:57:06 GMT
Accept-Ranges: bytes
Content-Length: 42863
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtag/js?id=UA-16368494-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-16368494-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 877daaae4ae1c732060072b5a41aff06
186a4ca5c997ff71d3f84f5dc2d6e56fbfdc7b82
ed4ec96e0b819608a294920ab666c96ee1e44d8b7bd7e081e0dd697d81f2c51d
GET /gtag/js?id=UA-16368494-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 Oct 2022 21:09:15 GMT
expires: Mon, 24 Oct 2022 21:09:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
20-199-19-234.cprapid.com/dpd/program/layout/bootstrap.bundle.min.js
20.199.19.234200 OK 79 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/bootstrap.bundle.min.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65297)
Hash a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/bootstrap.bundle.min.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 78635
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
20-199-19-234.cprapid.com/dpd/program/layout/flex.css
20.199.19.234200 OK 102 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/flex.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65364), with CRLF line terminators
Size 102 kB (101686 bytes)
Hash 4e68e191e41175cf6abdd06065c03f29
620c303fd0f87dd511265de5bb3b10909d47a7f0
fd7f86cc227664360cf976786c766cbe8afa2a2759d8de5bcf47c712bccfd43d
GET /dpd/program/layout/flex.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:19:39 GMT
Accept-Ranges: bytes
Content-Length: 101686
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/dpd/program/layout/jquery.smartbanner.js
20.199.19.234200 OK 9.8 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/jquery.smartbanner.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, Unicode text, UTF-8 text
Hash d227022ee2263f88319bbc7b17d8d900
84243fff1ba86e7f58146a5e0731da6e60357703
bc58030c40a89177bf413013256e50ebe3c6da30b64e72260dc4c3118181ccfa
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/jquery.smartbanner.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:57:09 GMT
Accept-Ranges: bytes
Content-Length: 9784
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
20-199-19-234.cprapid.com/dpd/program/layout/Logo_DPD_top.svg
20.199.19.234200 OK 3.4 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/Logo_DPD_top.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3362), with no line terminators
Hash d4f64266e87dee035eac104580821622
998b813a6bcc91de0f1e2a7a9fcedb98481ee29e
82459ee1c5cbd6c6103eb91f7b32d9bee528b18ae3fdce9aaf21d4f3711d3c57
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/Logo_DPD_top.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:54:00 GMT
Accept-Ranges: bytes
Content-Length: 3362
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/dpd/program/layout/dpd.png
20.199.19.234200 OK 21 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/dpd.png
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 141 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 3adf083373a5d24d4b23ec4e212d94cd
4120c41feff071a8b02da31f3e7f65dcde1056b6
268b37ae55b70848676c6c100f52249325e99c6d511d95ebe841ad03bc685069
GET /dpd/program/layout/dpd.png HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 11:50:31 GMT
Accept-Ranges: bytes
Content-Length: 21097
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
20-199-19-234.cprapid.com/dpd/program/layout/Logo-DPD-footer.svg
20.199.19.234200 OK 3.0 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/Logo-DPD-footer.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2977), with no line terminators
Hash 9933d7ceee49b115ff7339bf8391b1c3
eb3d35081d2d8ae6e86f74959a58a470cc0e2917
4ec0cc94e8325a36d18ab2200c07f2113c7219d34763e8269461b3f1f89c15ab
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/Logo-DPD-footer.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:56:42 GMT
Accept-Ranges: bytes
Content-Length: 2977
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/dpd/program/layout/ico-spedizione.svg
20.199.19.234200 OK 808 B URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/ico-spedizione.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (800), with no line terminators
Hash 66efdaebd99908dd163908b56006632f
0806fb4fb3cb19570b10bcbdeb52f54a82f34178
c40f6ecfe233d63372c75975b8bb15dabc2e82acfc0dac6e62105a1d4c521341
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/ico-spedizione.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:55:21 GMT
Accept-Ranges: bytes
Content-Length: 808
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/dpd/program/layout/ico-tempi.svg
20.199.19.234200 OK 2.0 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/ico-tempi.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1951), with no line terminators
Hash f836a6bff530d5e4c0e07d312ac0bd43
57e855f12427e191ef3bf56f5aa06e1a1b8fe428
cc997fb56b14926f7747e54dec26cb428be9d26eb35c0569125f903a8f58261c
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/ico-tempi.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:56:20 GMT
Accept-Ranges: bytes
Content-Length: 1959
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20-199-19-234.cprapid.com/dpd/program/layout/ico-ricerca.svg
20.199.19.234200 OK 2.8 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/ico-ricerca.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2788), with no line terminators
Hash aec6ff3da7cea468ac572aa0ef8df2a8
342bf13900f7e8032bc7faf1a5704ab3eb23b504
93778717aa7126e40ed978ec53381cb0520b2157ad0caeee69e9273e9890d838
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/ico-ricerca.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:56:25 GMT
Accept-Ranges: bytes
Content-Length: 2796
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/dpd/program/layout/ico-ritiro.svg
20.199.19.234200 OK 2.7 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/ico-ritiro.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2723), with no line terminators
Hash d823e32557094e094d2db22e695da821
25862ff41bf858532a38eea3aa1c46aec715424b
70494f58394327833265bebcd56fec862deb9062a274079caf6d5e07bf7d3cad
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/ico-ritiro.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:55:32 GMT
Accept-Ranges: bytes
Content-Length: 2723
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/dpd/program/layout/3.jpg
20.199.19.234200 OK 92 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/3.jpg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1300x352, components 3\012- data
Hash fdc5bbc8b9b0d801af37e046580a3ac6
a98db790664d3242bb5f157f93b25d97ce98f0ea
e1796edebe65a566dcc9767bf50be85c5eb1742681649e47469b42e1b0ef56e4
GET /dpd/program/layout/3.jpg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Tue, 25 Jan 2022 12:40:49 GMT
Accept-Ranges: bytes
Content-Length: 92185
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
20-199-19-234.cprapid.com/dpd/program/layout/banner_versand-dpd.jpg
20.199.19.234200 OK 277 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/banner_versand-dpd.jpg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x300, components 3\012- data
Size 277 kB (277075 bytes)
Hash d27ef8870fc957ed9e5b536c42a89cb2
bb257a978071484f738e280529c115e4beacacd7
8c29792dd0ad83228dc72c2f7e0016336a6e43a603404a0604e9c6e00ff65f7d
GET /dpd/program/layout/banner_versand-dpd.jpg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Sun, 20 Feb 2022 19:00:09 GMT
Accept-Ranges: bytes
Content-Length: 277075
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
20-199-19-234.cprapid.com/dpd/program/layout/dpd_logo_redgrad_rgb.png
20.199.19.234200 OK 224 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/dpd_logo_redgrad_rgb.png
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 4097 x 1822, 8-bit/color RGBA, non-interlaced\012- data
Size 224 kB (224314 bytes)
Hash dff7f287447aaecd51d1ac2ad8cc44dc
c090020c966a57b4059f564d70f079a552b7fe81
228016cd2143451261b84a38c35d5c902af0be803071c316ab71bd8057efd172
GET /dpd/program/layout/dpd_logo_redgrad_rgb.png HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Sun, 20 Feb 2022 19:25:14 GMT
Accept-Ranges: bytes
Content-Length: 224314
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
20-199-19-234.cprapid.com/dpd/program/layout/ico-rintraccia.svg
20.199.19.234200 OK 2.3 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/ico-rintraccia.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2286), with no line terminators
Hash 5da88e2c33833f8c5f9e3a8eae29b614
38902b7c00fae386e9e8421a400bf75b1b8e0951
e774edcb209f37323bd87537847f9f80b8e45ac40cc2edf5f1613c72b296d062
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/ico-rintraccia.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:55:41 GMT
Accept-Ranges: bytes
Content-Length: 2294
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3e1bb48ebff0d9bf38d970a507a77938
2c4d3493a2d5e64ff86caa9d9f34f5164561a899
ea3c5e3f160b392dca3d5ef017a95ebbe9559e22658af0f8a7d42da34a69055e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6225
Cache-Control: max-age=142879
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Etag: "635671c9-117"
Expires: Wed, 26 Oct 2022 12:50:34 GMT
Last-Modified: Mon, 24 Oct 2022 11:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
20-199-19-234.cprapid.com/dpd/program/layout/stampa.css
20.199.19.234200 OK 42 kB URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/stampa.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (41490), with CRLF line terminators
Hash 66724bcbf00999acbde8a048fe5ae75d
5221c35013860f45f3bc9632cfbbac6019d04254
7bdcd0b2bef61a5f54acb82fc6afe2fc8e30ade3528eaaebc646410369365c68
GET /dpd/program/layout/stampa.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:19:36 GMT
Accept-Ranges: bytes
Content-Length: 41662
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12372, version 1.0\012- data
Hash 0ef99cf07a2a261ab43d5dc1937ffb27
bd39f9cd13ef2a6f912dcba8fa916fc67b4a19d9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
GET /s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://20-199-19-234.cprapid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:28:25 GMT
expires: Thu, 19 Oct 2023 19:28:25 GMT
cache-control: public, max-age=31536000
age: 438050
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12136, version 1.0\012- data
Hash 5d7c6bb8fd4fc992c54e596ab7433d5d
35fd6e4c125235cb7f9aa6e297da4b64ae45b06a
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://20-199-19-234.cprapid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:28:30 GMT
expires: Thu, 19 Oct 2023 19:28:30 GMT
cache-control: public, max-age=31536000
age: 438045
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 20:33:32 GMT
Expires: Mon, 24 Oct 2022 20:58:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rCXr9JPvKoDgzAlFPpWT6bIhiD5Te5iH-QpsHMiS9L75YvYdb808sA==
Age: 2143
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5168
Cache-Control: max-age=131018
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:15 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 09:32:53 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Hash 8d4079c3aa4f01e6d9bbd4f1bbcdf114
52ab47c062d0bfdbd34dbd31784008bd0e4c4227
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://20-199-19-234.cprapid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:28:37 GMT
expires: Thu, 19 Oct 2023 19:28:37 GMT
cache-control: public, max-age=31536000
age: 438038
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 24 Oct 2022 20:41:09 GMT
expires: Mon, 24 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 1686
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 882bd6bed1136169cb6febd8a8fa9a7c
46640ffb93c5cba3e255cb1ac872628b99789749
55e422aecd456a0f0d4a432028a725da3bd07088972d93736395ebf6254d26fb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 05:29:14 GMT
Expires: Sat, 29 Oct 2022 05:29:13 GMT
Etag: "46640ffb93c5cba3e255cb1ac872628b99789749"
Cache-Control: max-age=374997,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75f5b146ca53b4eb-OSL
push.services.mozilla.com/
35.164.56.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BwiVosAFzi6KcCTWRskT/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zeLWA6EsPOIVVl4eXEqEJLvTF2w=
widgets.amung.us/small.js
104.22.75.171200 OK 3.5 kB URL HTTP/2 widgets.amung.us/small.js
IP 104.22.75.171:0
File type ASCII text, with very long lines (8537), with no line terminators
Hash 7ee97ec50b78950f77ebe59125112cfa
1fcfee45ed636a02d71675ad2a5895ccdcfe43f4
fa03fdefd9b2c9de44da0d5dee60a467ce52efeb17a4b9c844ce0a88c3384f5f
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:09:16 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:50 GMT
etag: W/"630d01a2-2142"
expires: Tue, 25 Oct 2022 21:08:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 67
vary: Accept-Encoding
server: cloudflare
cf-ray: 75f5b1472efd0a20-ARN
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=d44fzsonjq&t=Suivre%20mon%20colis%20%7C%20DPD%20-&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&y=&a=1&d=1.387&v=27&r=8629
172.67.8.141200 OK 48 B URL HTTP/1.1 whos.amung.us/pingjs/?k=d44fzsonjq&t=Suivre%20mon%20colis%20%7C%20DPD%20-&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&y=&a=1&d=1.387&v=27&r=8629
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash ceb926e612dbdb14096f5ad9f804bd97
873be6baa4b1ac438097cf1b54ba1c59eb581c41
eea7b66921de84dbab0ec316ce9429208ef242aa9fa88930f5e4a7d25119f40a
GET /pingjs/?k=d44fzsonjq&t=Suivre%20mon%20colis%20%7C%20DPD%20-&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&y=&a=1&d=1.387&v=27&r=8629 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75f5b1477d3ab518-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 57ce924fd7b602a78b54d11d4faf585f
47da1f05e7d19e89719ecc04949ca40c6e06d77d
25a2fbef5df5c32be72d36b611635b95e4751b75807481faaeadbdda460990bc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 23 Oct 2022 05:56:48 GMT
Expires: Sun, 30 Oct 2022 05:56:47 GMT
Etag: "47da1f05e7d19e89719ecc04949ca40c6e06d77d"
Cache-Control: max-age=463050,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75f5b1482c61b4eb-OSL
t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&j=
158.69.139.230200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&j=
IP 158.69.139.230:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl3
Set-Cookie: m=1; Domain=dtscout.com; Expires=Mon, 24-Oct-2022 22:32:36 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
b=1; Domain=dtscout.com; Expires=Tue, 25-Oct-2022 02:09:16 GMT; Max-Age=18000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Tue, 25-Oct-2022 01:09:16 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1666645756; Domain=dtscout.com; Expires=Wed, 01-Feb-2023 21:09:16 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.697
Expires: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: no-cache
t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&j=
158.69.139.230200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&j=
IP 158.69.139.230:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fdpd%2Fprogram%2Fupdate.php%3F%26return_url%3D9b8fc7114ee5d4e7ab629bc2dad7f21f%26enrolmentID%3Df12f7dad2cb926ba7e4d5ee4117cf8b9%3Fsecuressl%3Dtrue&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl3
Set-Cookie: m=1; Domain=dtscout.com; Expires=Mon, 24-Oct-2022 22:32:36 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
b=1; Domain=dtscout.com; Expires=Tue, 25-Oct-2022 02:09:16 GMT; Max-Age=18000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Tue, 25-Oct-2022 01:09:16 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1666645756; Domain=dtscout.com; Expires=Wed, 01-Feb-2023 21:09:16 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.575
Expires: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: no-cache
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4e7c82c20cb576cabe90810e22a8ff79
9c4ac7b981564a7a51e86ddd4bff3fffa92e8b92
3339eba57fa8a3104022c9ddf5f81738a7d7f8e3799f8f44ca806f955a101434
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 23 Oct 2022 11:33:41 GMT
Expires: Sun, 30 Oct 2022 11:33:40 GMT
Etag: "9c4ac7b981564a7a51e86ddd4bff3fffa92e8b92"
Cache-Control: max-age=483263,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75f5b14b1883b4eb-OSL
t.dtscout.com/pv/?_a=v&_h=20-199-19-234.cprapid.com&_ss=2mbzb09eu2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=25r2&_cb=_dtspv.c
158.69.139.230200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=20-199-19-234.cprapid.com&_ss=2mbzb09eu2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=25r2&_cb=_dtspv.c
IP 158.69.139.230:0
File type ASCII text, with no line terminators
Hash 3c0da60c92ced8b175d10f165594b066
0400ca397dd38b2919f1b149a5b7b4c9de567c74
06ed99e2a886f5b6524587faff6e149ec66f0d2c4ae53279fb0c75fe621f54c8
GET /pv/?_a=v&_h=20-199-19-234.cprapid.com&_ss=2mbzb09eu2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=25r2&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Cookie: m=1; b=1; oa=1; df=1666645756
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.224
X-C: 0
Expires: Mon, 24 Oct 2022 21:09:15 GMT
Cache-Control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9ed554f0d1187302352f943e39d6c91a
10e1bb8702d0d14c56b659b1662b7c857484b0e7
2e1eda67a00dcf60ade2e3332b7f8b0c18c88ea6794fbb49fa9503e7c02236e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16368494-1&cid=247180599.1666645755&jid=54258425&gjid=752728736&_gid=1996330300.1666645755&_u=YEBAAUAAAAAAACAAIAB~&z=226220268
173.194.222.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16368494-1&cid=247180599.1666645755&jid=54258425&gjid=752728736&_gid=1996330300.1666645755&_u=YEBAAUAAAAAAACAAIAB~&z=226220268
IP 173.194.222.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16368494-1&cid=247180599.1666645755&jid=54258425&gjid=752728736&_gid=1996330300.1666645755&_u=YEBAAUAAAAAAACAAIAB~&z=226220268 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://20-199-19-234.cprapid.com
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://20-199-19-234.cprapid.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Oct 2022 21:09:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4e7c82c20cb576cabe90810e22a8ff79
9c4ac7b981564a7a51e86ddd4bff3fffa92e8b92
3339eba57fa8a3104022c9ddf5f81738a7d7f8e3799f8f44ca806f955a101434
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 23 Oct 2022 11:33:41 GMT
Expires: Sun, 30 Oct 2022 11:33:40 GMT
Etag: "9c4ac7b981564a7a51e86ddd4bff3fffa92e8b92"
Cache-Control: max-age=483263,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75f5b14b1a7cb500-OSL
cdn.tynt.com/tc.js
104.18.19.39200 OK 7.2 kB IP 104.18.19.39:0
Hash 513941a057f6c57d1da136828c31071f
8124abca3e5ed72c4f24fe1c123eb8ff2540495f
e4357fbc2ec524f75d3d663697b2a0c17c7ced46d3f9b2553a0751acc26e5c6d
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:09:16 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 193700
expires: Thu, 27 Oct 2022 21:09:16 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 75f5b14b7fa5b521-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20-
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20-
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 24 Oct 2022 21:09:17 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20-
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20-
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 24 Oct 2022 21:09:17 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20-
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20-
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0&t=Suivre%20mon%20colis%20%7C%20DPD%20- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 24 Oct 2022 21:09:17 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!dpdfr~w!d44fzsonjq&dn=TC&cc=1&r=
67.202.105.34200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!dpdfr~w!d44fzsonjq&dn=TC&cc=1&r=
IP 67.202.105.34:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!dpdfr~w!d44fzsonjq&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Tue, 25 Oct 2022 21:09:17 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Mon, 24 Oct 2022 21:09:16 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 24 Oct 2022 21:09:17 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 24 Oct 2022 21:09:17 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 24 Oct 2022 21:09:17 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!dpdfr~w!d44fzsonjq&lm=0&ts=1666645755392&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 24 Oct 2022 21:09:17 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2355
Expires: Mon, 24 Oct 2022 21:48:32 GMT
Date: Mon, 24 Oct 2022 21:09:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2355
Expires: Mon, 24 Oct 2022 21:48:32 GMT
Date: Mon, 24 Oct 2022 21:09:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3257320-582a-498d-9e0c-531ea65fbbe0.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3257320-582a-498d-9e0c-531ea65fbbe0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 772-513, spot sensor temperature 0.000000, unit celsius, color scheme 1, calibration: offset 0.000000, slope 241254190455726276608.000000\012- data
Hash 88436497b6fe5e22155afc45e9e8fe3e
5004575548d76d878a7f27bb3fc4a9a10e8f6909
304c2388dd96c82582d490cd473174b11eac53bf408a29ed78e23d77139ef243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3257320-582a-498d-9e0c-531ea65fbbe0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13962
x-amzn-requestid: 84f8b505-da9d-421c-b00a-3d6407aac332
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDQETqoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b547-566c7abb12b09a565be85833;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N-R8_VOQSIhikiT-qqPi0ABMoZnr234hdcdinyzBath9A8M6aUZ37A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:54:05 GMT
age: 83712
etag: "5004575548d76d878a7f27bb3fc4a9a10e8f6909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:14:18 GMT
age: 82499
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe87578f5-db38-4350-a6ac-22b0577d75a1.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe87578f5-db38-4350-a6ac-22b0577d75a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 548cc254725b085a0794f02585db37f6
69ebcb96188f5e3f6355aabecbe925e26ff00668
09906078ef781e283e939b86e3ee34665ed5df4524a9af4be26f7106a8cab836
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe87578f5-db38-4350-a6ac-22b0577d75a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7435
x-amzn-requestid: fd538694-534d-4938-bebc-1131c0bb7c62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB1HWdIAMFuSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-2f9210cb5a6a28a71b130497;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GFV2nCltq7Zg9MXGD96a5ajF-Kih-yNwv2rQC8Omlyla0UQ01TYkmw==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:03:39 GMT
age: 83138
etag: "69ebcb96188f5e3f6355aabecbe925e26ff00668"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 28s2Fwd7CYJpmy57dsIok6owygvyqng_WwlfbKApRjznSlULtnSJqw==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:56:12 GMT
age: 83585
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f174281da48e4a62aab93bcdc57d14a
8ee29d073b84530a30bb370838598115f1a65da8
0096edb7703f0bcea7e5c0d5b529482eceea9123f5f3b278f3f9012f87875f1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8400
x-amzn-requestid: b1436934-5b97-4aa8-937a-78bce0b9181c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelN4GACoAMFYmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58b-29da495d75578b3c20eb37ba;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:39 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EmusO-_70hMOdHGlmVAeiZI8nFPDJuJEsxtzTB4-j_8NDsIqwPVk_Q==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:54:06 GMT
age: 83711
etag: "8ee29d073b84530a30bb370838598115f1a65da8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f12f21779aa94b557db8037ceefd15b2
1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86
0d33ee5a721c2f940ff1e7d5fae9abba3781f6d37e458a36285718466ecdcd10
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: 41e95a27-2955-4224-8d2c-f12d1254cda7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0EQboAMFmMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-5cb99b700c84c99c2d9e52d7;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OTe4NY6F7vvMR1vwdg53oUfynNgHOuyn9VPBf7ub1SqnXTgJRj8dXw==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:05:54 GMT
age: 83003
etag: "1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.brt.it/it/
104.18.37.220200 OK 0 B IP 104.18.37.220:0
GET /it/ HTTP/1.1
Host: www.brt.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20-199-19-234.cprapid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:09:16 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400, s-maxage=200, must-revalidate
cms-200: TRUE
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.32
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cf-edge-cache: cache,platform=wordpress
link: <https://www.brt.it/it/it/>; rel=shortlink
vary: Accept-Encoding,User-Agent
last-modified: Fri, 21 Oct 2022 11:00:50 GMT
cf-cache-status: HIT
age: 295388
server: cloudflare
cf-ray: 75f5b14aee76b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
20-199-19-234.cprapid.com/dpd/program/layout/jquery-3.6.0.min.js
20.199.19.234200 OK 0 B URL HTTP/1.1 20-199-19-234.cprapid.com/dpd/program/layout/jquery-3.6.0.min.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert fortinet Phishing
GET /dpd/program/layout/jquery-3.6.0.min.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/dpd/program/update.php?&return_url=9b8fc7114ee5d4e7ab629bc2dad7f21f&enrolmentID=f12f7dad2cb926ba7e4d5ee4117cf8b9?securessl=true
Cookie: PHPSESSID=03eec4e4389dc347d37f4b2199d38e3f
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 21:09:15 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 11:56:11 GMT
Accept-Ranges: bytes
Content-Length: 89501
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600,700,900
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600,700,900
IP 142.250.74.10:0
GET /css?family=Titillium+Web:200,300,400,600,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 21:09:15 GMT
date: Mon, 24 Oct 2022 21:09:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/js/all.js
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/js/all.js
IP 172.64.133.15:0
GET /releases/v5.15.4/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:09:15 GMT
content-type: application/javascript
x-amz-id-2: sBpdiKG5ayiaywzeO89zwsfPJ1saIR/O3iFGjxjIg9Va3bd1uUt/c5/M62MqHDtWXaSukqHbvSo=
x-amz-request-id: 3JGBH8MFK7WBVMY5
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"5e29440867fdb02a48dffded02338c31"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 27197334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSurbwIwjo%2B6xxhJzQF2WLHNOJ4q%2BuPO9EwcGyXDKUlw0NuZVgJAt98o9CqzU%2BRUo40uHSJTA%2FI%2BayfL5UXgxWc2hBeMukFHu7X%2BQHE15X%2B96uoNaMPP%2B4d97UW7eM%2Bvtww3HDkx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75f5b142ed1c88bf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brt.it/flex/TemplatesUSR/assets/img/favicon/apple-touch-icon.png
104.18.37.220302 Found 0 B URL HTTP/2 www.brt.it/flex/TemplatesUSR/assets/img/favicon/apple-touch-icon.png
IP 104.18.37.220:0
GET /flex/TemplatesUSR/assets/img/favicon/apple-touch-icon.png HTTP/1.1
Host: www.brt.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 24 Oct 2022 21:09:16 GMT
content-type: text/html; charset=UTF-8
location: https://www.brt.it/it/
cache-control: max-age=0, no-cache, no-store, must-revalidate, no-cache, must-revalidate, max-age=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 12:00:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
cms-fix-loop: True
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.32
cf-edge-cache: cache,platform=wordpress
x-redirect-by: WordPress
vary: User-Agent, Accept-Encoding
cf-cache-status: BYPASS
set-cookie: INGRESSCOOKIE=63ec23545277745c866d5fd0723d57b9; Path=/; HttpOnly
PHPSESSID=0788fc8acb19282084b98264e385cd5e; path=/; secure; HttpOnly
dpd-connect-generic-redirect=https%3A%2F%2Fwww.brt.it%2Fflex%2FTemplatesUSR%2Fassets%2Fimg%2Ffavicon%2Fapple-touch-icon.png; expires=Tue, 25-Oct-2022 23:09:16 GMT; Max-Age=93600; path=/; secure
ROUTEID=.4; path=/
server: cloudflare
cf-ray: 75f5b146e9e2b509-OSL
X-Firefox-Spdy: h2
www.brt.it/flex/TemplatesUSR/assets/img/favicon/favicon.ico
104.18.37.220302 Found 0 B URL HTTP/2 www.brt.it/flex/TemplatesUSR/assets/img/favicon/favicon.ico
IP 104.18.37.220:0
GET /flex/TemplatesUSR/assets/img/favicon/favicon.ico HTTP/1.1
Host: www.brt.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 24 Oct 2022 21:09:16 GMT
content-type: text/html; charset=UTF-8
location: https://www.brt.it/it/
cache-control: max-age=0, no-cache, no-store, must-revalidate, no-cache, must-revalidate, max-age=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 12:00:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
cms-fix-loop: True
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.32
cf-edge-cache: cache,platform=wordpress
x-redirect-by: WordPress
vary: User-Agent, Accept-Encoding
cf-cache-status: BYPASS
set-cookie: INGRESSCOOKIE=eb221ac6f1e9baf57f4d37befcdc60b9; Path=/; HttpOnly
PHPSESSID=f1f91011889759df67f130d2df1a2e53; path=/; secure; HttpOnly
dpd-connect-generic-redirect=https%3A%2F%2Fwww.brt.it%2Fflex%2FTemplatesUSR%2Fassets%2Fimg%2Ffavicon%2Ffavicon.ico; expires=Tue, 25-Oct-2022 23:09:16 GMT; Max-Age=93600; path=/; secure
ROUTEID=.3; path=/
server: cloudflare
cf-ray: 75f5b146d9c3b509-OSL
X-Firefox-Spdy: h2