| www.hotelnumi.it/00/ | 193.70.57.51 | 301 Moved Permanently | 162 B |
IP193.70.57.51:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/ HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 16 Sep 2022 12:35:49 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.hotelnumi.it/00/
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 12:10:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gFqmAqnCqAdKPii1qpxGXlmbECFIArdh430-ytKz8f8Ll49dZrmn4Q==
Age: 1501
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash96daaf84cd2c07756756caf7a2724a29 d24d47c68eec98d44bf341dab9d893df97103e1a fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3138
Expires: Fri, 16 Sep 2022 13:28:07 GMT
Date: Fri, 16 Sep 2022 12:35:49 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f4xpdnoGrEumePf_0bZV2KXTHDsKuZBIMglMhQShHDIpf5BaqpIR6Q==
age: 28834
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe9e822af90a9efdce86f208f6c3da2be fe9e987c5f4b680cada3b723083ab94136a858a6 fb50ecdad14cfe7f509f34933a8dd558e1e0bb7256b16dedd9059175267d20c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB50ECDAD14CFE7F509F34933A8DD558E1E0BB7256B16DEDD9059175267D20C3"
Last-Modified: Fri, 16 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 16 Sep 2022 18:35:50 GMT
Date: Fri, 16 Sep 2022 12:35:50 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 12:48:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pD2tz3Fj4X_OrYEQ1b7R3uX15O9mt9tV6QJ_FEqTPnB3JSTAFvvDoQ==
Age: 1948
|
|
| www.hotelnumi.it/00/Lib/img/locked_24_tertiary.png | 193.70.57.51 | 200 OK | 351 B |
URL HTTP/2www.hotelnumi.it/00/Lib/img/locked_24_tertiary.png IP193.70.57.51:0
File typePNG image data, 12 x 15, 8-bit/color RGBA, non-interlaced\012- data Hash27e87471032425ed8bb873d9c43b52b1 df078567410e8ef2157f123cfe6aecca44fa671c 539663d83d4d2e55bca59ded8aefef25111691bc9795d5c0c1d13b142795cf6e
GET /00/Lib/img/locked_24_tertiary.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 351
x-accel-version: 0.01
last-modified: Fri, 12 Feb 2021 13:26:02 GMT
etag: "15f-5bb2393d4ce80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/sb_logo.png | 193.70.57.51 | 200 OK | 6.9 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/img/sb_logo.png IP193.70.57.51:0
File typePNG image data, 116 x 134, 8-bit colormap, non-interlaced\012- data Hash3577140395dbe02972a42a09126ca0f9 7e2fa7ef7cb1c6ed6e207cc0720adbcdb37ab36c 5e03e8a2ea184c5c68a1d0e1446b7ea7c57d60a4d18400267136ff423ac9633e
GET /00/Lib/img/sb_logo.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 6899
last-modified: Fri, 12 Feb 2021 13:26:06 GMT
etag: "602681ee-1af3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/icn_shield_with_lock_42.png | 193.70.57.51 | 200 OK | 1.8 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/img/icn_shield_with_lock_42.png IP193.70.57.51:0
File typePNG image data, 40 x 46, 8-bit/color RGBA, non-interlaced\012- data Hash9086b591bec33c717add2ca6426ebfd9 b02a92dbad43db29c1fe134c7f3c4bd9ff69818a 61d18c253909a2759193f36bd4f4757a47d5de7be38c7a0052947453daec6282
GET /00/Lib/img/icn_shield_with_lock_42.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 1759
last-modified: Fri, 12 Feb 2021 13:25:58 GMT
etag: "602681e6-6df"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/icn_register_28.png | 193.70.57.51 | 200 OK | 611 B |
URL HTTP/2www.hotelnumi.it/00/Lib/img/icn_register_28.png IP193.70.57.51:0
File typePNG image data, 26 x 24, 8-bit/color RGBA, non-interlaced\012- data Hash5509313ad16b8d05f851890a70fdf573 e9ef6ab5d091dad22ba02d5b92c62fe02c410a05 b7b76d870a0a9617e0f6126f9c78b7d35733c13d67bd7df584515e8b32594f18
GET /00/Lib/img/icn_register_28.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 611
x-accel-version: 0.01
last-modified: Fri, 12 Feb 2021 13:25:54 GMT
etag: "263-5bb23935abc80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/PlayBadge.png | 193.70.57.51 | 200 OK | 3.9 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/img/PlayBadge.png IP193.70.57.51:0
File typePNG image data, 116 x 29, 8-bit/color RGBA, non-interlaced\012- data Hash3d34b119e42d33707ef6daaba40f3ec8 0b264bd3477dc93304def2d1847aaed6aada24ee 57f6f21b2fe8bc0c67e9ff4350c825de7a3cc8b3259253828d12d396d616aefd
GET /00/Lib/img/PlayBadge.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 3877
last-modified: Fri, 12 Feb 2021 13:25:46 GMT
etag: "602681da-f25"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/login-email.png | 193.70.57.51 | 200 OK | 1.2 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/img/login-email.png IP193.70.57.51:0
File typePNG image data, 36 x 35, 8-bit/color RGBA, interlaced\012- data Hash19dcee6768ba4fc80c32f53962a5d587 a94426111dc2305811a71b47b326fdcb7fdbe0ee 2450014250927af73636e00dd54036fbd745d5169435ed779b0bcb675258361f
GET /00/Lib/img/login-email.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 1150
last-modified: Fri, 12 Feb 2021 13:25:50 GMT
etag: "602681de-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/icon_south_africa_white.png | 193.70.57.51 | 200 OK | 850 B |
URL HTTP/2www.hotelnumi.it/00/Lib/img/icon_south_africa_white.png IP193.70.57.51:0
File typePNG image data, 26 x 22, 8-bit/color RGBA, non-interlaced\012- data Hashc127d3145cf161974bc5b86ecf705c6b 3ee94a38c70107611168f5c7570fa6be89157736 659ec5c9f365d3e03d205766dcf6103fdb716dae3e99d8742d33f1e31eb37b2d
GET /00/Lib/img/icon_south_africa_white.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 850
x-accel-version: 0.01
last-modified: Tue, 09 Feb 2021 05:52:48 GMT
etag: "352-5bae0e56b2c00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3db421016cf0e3ad25f324cf0faf0fac b15909de1105d4d2fb5be5b3920c454daf022445 914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 469
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 12:35:50 GMT
Last-Modified: Fri, 16 Sep 2022 12:28:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
|
|
| www.hotelnumi.it/00/Lib/img/appStoreBadge.png | 193.70.57.51 | 200 OK | 4.3 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/img/appStoreBadge.png IP193.70.57.51:0
File typePNG image data, 114 x 30, 8-bit/color RGBA, non-interlaced\012- data Hash6afb7ed9607190cc3a412f88914d1d98 3bbfebacfbe2f29c139f41a36cff1f565143f294 287794a8f89b9a10b699cf3c625e0f4847b0989018675fdb55c7182003a13dc0
GET /00/Lib/img/appStoreBadge.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 4290
last-modified: Fri, 12 Feb 2021 13:25:42 GMT
etag: "602681d6-10c2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/icon_global_white.png | 193.70.57.51 | 200 OK | 1.1 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/img/icon_global_white.png IP193.70.57.51:0
File typePNG image data, 26 x 24, 8-bit/color RGBA, non-interlaced\012- data Hashfa84956901e030193422bde03f7c7c26 2084f5489d4897356ba4569004d214f35b560cbd a98db87f78fe65c1c150fe8eddba301a4040bec74b19304bcad6405dbc323d9d
GET /00/Lib/img/icon_global_white.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 1090
last-modified: Tue, 09 Feb 2021 05:52:48 GMT
etag: "60222330-442"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/icon_email_white.png | 193.70.57.51 | 200 OK | 795 B |
URL HTTP/2www.hotelnumi.it/00/Lib/img/icon_email_white.png IP193.70.57.51:0
File typePNG image data, 26 x 17, 8-bit/color RGBA, non-interlaced\012- data Hash6070e3ce9cbf09cc71464b833fc9521c 3168a304ee9052834f3595ac31170cc0b61d4bc3 2daf53b1d65351e31f6c8513731bec5ecd65fd1c072d8ddd5521e35cc31a73de
GET /00/Lib/img/icon_email_white.png HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/png
content-length: 795
x-accel-version: 0.01
last-modified: Tue, 09 Feb 2021 05:52:48 GMT
etag: "31b-5bae0e56b2c00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css | 193.70.57.51 | 200 OK | 17 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css IP193.70.57.51:0
File typeASCII text, with very long lines (65206), with CRLF line terminators Hashce27cb81855d7bd769b3543b20fe6cbd bb727e323fc0b258e599ce38772b2e09f3dc656f 5c7ee330f195ad5a389402a872a2160cfd8250699c0d6969314b688198cbda69
GET /00/Lib/stylesheets/css/app.min.css HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/css
last-modified: Tue, 22 Jun 2021 07:25:58 GMT
etag: W/"60d19086-10af0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed40.css?z=1612885494473 | 193.70.57.51 | 200 OK | 52 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed40.css?z=1612885494473 IP193.70.57.51:0
File typeASCII text, with very long lines (53215), with CRLF line terminators Hash15065c5503c72059695fec3143b10e9a 7bb0dd2b2164d0c909470da64064ec970133bdd4 af9aa2b69d0d5244d4e305ab38a7c9d655d6818d25010c54dd9201bb20195d94
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/Lib/stylesheets/css/app.min-blessed40.css?z=1612885494473 HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/css
last-modified: Fri, 12 Feb 2021 15:30:16 GMT
etag: W/"60269f08-51150"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/img/favicon.ico | 193.70.57.51 | 200 OK | 6.4 kB |
URL HTTP/2www.hotelnumi.it/00/Lib/img/favicon.ico IP193.70.57.51:0
File typePNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data Hash57fa24bf8aa987f75d34d08edeeee583 f5a1c0ae56994f310afe6aaf6053b35f328025aa e63e4818edbc63a849b1f1733278136eb041951fba85f76975d77f71c9e12132
GET /00/Lib/img/favicon.ico HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: image/vnd.microsoft.icon
content-length: 6398
last-modified: Tue, 09 Feb 2021 05:52:48 GMT
etag: "60222330-18fe"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.162.203.49 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.162.203.49:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3HU8+7BCKIDr+7dJZocm2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VcEk8aa39XPOhhMvnOn6EZzRSyY=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Fri, 16 Sep 2022 14:57:58 GMT
Date: Fri, 16 Sep 2022 12:35:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Fri, 16 Sep 2022 14:57:58 GMT
Date: Fri, 16 Sep 2022 12:35:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Fri, 16 Sep 2022 14:57:58 GMT
Date: Fri, 16 Sep 2022 12:35:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Fri, 16 Sep 2022 14:57:58 GMT
Date: Fri, 16 Sep 2022 12:35:52 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032fbd06-806d-41e6-9160-3fdf480555ac.webp | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032fbd06-806d-41e6-9160-3fdf480555ac.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd242ded8ac40a1eb617303256d5f34eb afbe7dae2d65763a004b5bddc697131762da7bf2 b4b08292f36acfca7df3710c29c184c5ff18592e6383eddc5582d302184fce59
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032fbd06-806d-41e6-9160-3fdf480555ac.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9256
x-amzn-requestid: 19e81e48-6501-4938-906c-60aa7acdb33a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUj5EE5oAMFvwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae5-3031e84f158e1ad94da4875b;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7sWzfcxt9YWCOnMbanWOiZhhv5DXzHDq8vBqd1AhMfxewBBS0ZtidA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:48 GMT
age: 53404
etag: "afbe7dae2d65763a004b5bddc697131762da7bf2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf876cdc19dca10c62d83d19303512c7f 9f812c7bc1b42b0cea3e42694e7d1f6738789770 c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: 2beedee9-cf7e-47d6-ac4d-3ca9251aa565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfSWEFAZoAMFd6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322ca8d-37688e4a23c3234a25becf57;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 06:47:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: H2ySDtSQZtsrCA99y1a2_fLQcRI8hvN_nvA9U_V_iCm6c3cq3DigXQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:11:59 GMT
age: 51833
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe6d17788c7d2a1a91e68eff48df14bd1 8e1090346d90bc69e7a95384e6a7a01154e31567 1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RbKcO0CPRsex8VWdIVqctamGyJ7D1PHD04ry2wbrcDPDYL0Yy5vPPQ==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
content-type: image/jpeg
age: 53117
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png | 34.120.237.76 | 200 OK | 14 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash512280055633fcce9abc7d11a9816a24 de5c3e010fca76659455a144875a52c25fa72bdd 435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JAzbRqinDuqQuQoESEsL26c1Y1UTQ5tO1thL3ugE6LPQtNTWGaGTLg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:48:32 GMT
age: 53240
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb7d4ee58e0f26ec6817dbab72aa7db6d b6e634ef27eba9da38c6472565e0fdca6898e4f0 07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rgjwYJ-ZzVF3bv7pl1l8TN8EAoENIcaSAXJU_YhFOSNRCzrCuPuKbQ==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:10 GMT
age: 53502
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashda1bd18c37b83b0ef4641036dc208eec abb5c719ec9341c6d4146297a2a1eca171df9c81 0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1Y5uBMPJvxTDKGnc5Q0lzKZXDv4lwTByGDO8eRIwgauut0yfJz-8Lg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
age: 53117
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/ | 193.70.57.51 | 200 OK | 0 B |
IP193.70.57.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/ HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e; path=/
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed49.css?z=1612885494473 | 193.70.57.51 | 200 OK | 0 B |
URL HTTP/2www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed49.css?z=1612885494473 IP193.70.57.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/Lib/stylesheets/css/app.min-blessed49.css?z=1612885494473 HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/css
last-modified: Fri, 12 Feb 2021 14:48:40 GMT
etag: W/"60269548-4bd2a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed45.css?z=1612885494473 | 193.70.57.51 | 200 OK | 0 B |
URL HTTP/2www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed45.css?z=1612885494473 IP193.70.57.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/Lib/stylesheets/css/app.min-blessed45.css?z=1612885494473 HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/css
last-modified: Fri, 12 Feb 2021 09:51:08 GMT
etag: W/"60264f8c-6a329"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed44.css?z=1612885494473 | 193.70.57.51 | 200 OK | 0 B |
URL HTTP/2www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed44.css?z=1612885494473 IP193.70.57.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/Lib/stylesheets/css/app.min-blessed44.css?z=1612885494473 HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/css
last-modified: Fri, 12 Feb 2021 09:51:08 GMT
etag: W/"60264f8c-19f76"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 | 193.70.57.51 | 200 OK | 0 B |
URL HTTP/2www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 IP193.70.57.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/css
last-modified: Tue, 22 Jun 2021 07:28:30 GMT
etag: W/"60d1911e-3bf45"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed39.css?z=1612885494473 | 193.70.57.51 | 200 OK | 0 B |
URL HTTP/2www.hotelnumi.it/00/Lib/stylesheets/css/app.min-blessed39.css?z=1612885494473 IP193.70.57.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /00/Lib/stylesheets/css/app.min-blessed39.css?z=1612885494473 HTTP/1.1
Host: www.hotelnumi.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotelnumi.it/00/Lib/stylesheets/css/app.min.css
Cookie: PHPSESSID=4nekmjnjchv0ifmll1q971ic1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 12:35:50 GMT
content-type: text/css
last-modified: Tue, 22 Jun 2021 07:24:58 GMT
etag: W/"60d1904a-3dcbc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|