cntr.click/3WmR4vk
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /3WmR4vk HTTP/1.1
Host: cntr.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 15 Sep 2022 09:09:30 GMT
Server: Apache
Location: https://www.linkclickcounter.com/url_redirect.php?c=3WmR4vk
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 08:10:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SghUbw9u8_tS4Vev6GLiRrZZORhO6MaTHWy2PrPYlsl4bnFpVghbCg==
Age: 3548
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6631
Expires: Thu, 15 Sep 2022 11:00:01 GMT
Date: Thu, 15 Sep 2022 09:09:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O8jXlgEEzwHKDR8Fd6-TpQfQ1fxGhpF1VVM6ghOQGOWOmlyqV2wDaA==
age: 16455
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
inmu.wicapaha-ogle.com/aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386
302 Found 320 B URL HTTP/1.1 inmu.wicapaha-ogle.com/aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d2a7ca5243eea58cbc86b7d0a8810210
8c109bc75bfde2c770613b81e91af750431d3aed
0a0683675d7c8a35b6410edda5e52832ffab822ae3e3474a32338a9ac20021ed
GET /aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386 HTTP/1.1
Host: inmu.wicapaha-ogle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 15 Sep 2022 09:09:31 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 320
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://inmu.wicapaha-ogle.com/aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1802=13386; expires=Fri, 16 Sep 2022 09:09:31 GMT; path=/; SameSite=None; Secure
Access-Control-Allow-Origin: *
X-Request-Id: bc23e17eab4bba893de02e6580696816
Access-Control-Allow-Headers: Tune-SDK-Version
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 09:56:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LH_K_8GTk6xjyRcjGvVhLIELjH8yVZUUrvOstFtOGvmgxxmhKlPh2A==
Age: 369
ocsp.digicert.com/
200 OK 471 B IP
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:31 GMT
Last-Modified: Thu, 15 Sep 2022 08:46:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bea0aa73e076802e848d467b79dbe838
b1d9f29aeb0d6f11a90d9c862448a2cd140f2fa9
327bb266f760f7564b1fbea2ee96cbc1197e030e347cd23ef5b6a8df90fce22e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 09:09:31 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hs_2yxu5E32ztoEDbuW2QvJuxhoX9cpaJBWzamwJ_pVWNk8Dsy-Tmg==
inmu.wicapaha-ogle.com/aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386
302 Found 362 B URL HTTP/1.1 inmu.wicapaha-ogle.com/aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4c2766957a12e48425e3f48f1cf8c580
9b07a4784dae9b356dac3ea065fc0b94b66121e8
2fcf4178e101777d7ad789f7a8ed33ebb4b251f7f38919b1d353e9416dd18c32
GET /aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386 HTTP/1.1
Host: inmu.wicapaha-ogle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 15 Sep 2022 09:09:31 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 362
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1802=13386; expires=Fri, 16 Sep 2022 09:09:31 GMT; path=/; SameSite=None; Secure
enc_aff_session_1802=ENC03ca60741be40eaa794185116472270ad63c9668bb719af757408b3a276ddbc00224a7699dc2d776cf50b5dc4c801de669b3daec4dbc50bb91f914980b7ecedaa0fac78e962dfe15f913f504a12ccc15ae95cadfdfb3b3edb8314ffed8b67b9b7cf03cb3ded817941437f2131355e36c68cffa4a5604cc4419dd4d29b91dc3b96e06bb7118; expires=Sat, 15 Oct 2022 09:09:31 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sat, 09 Aug 2025 19:49:31 GMT; path=/; SameSite=None; Secure
Tracking_id: 102542dbeaee2f6a90db0475e5d6e5
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 8120eb708828cbb24bba5d02669281d1
Access-Control-Allow-Headers: Tune-SDK-Version
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lZ+q8vo5hN8N1qX9K3D1DA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lbTi4I433CDR2ldew4qQeAPuyDs=
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js
200 OK 2.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js
IP
File type ASCII text, with very long lines (7808)
Hash 521afa5e7cc1b103eacd7a171bd300d7
ea8a27e63d0fc93b65723cd23f42ca8e96397bdc
7b9a0c63baa09a2f5a23232ad1006bb4e088a56c7bbe48ce02300247a289fca8
GET /ajax/libs/waypoints/2.0.3/waypoints.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 2331
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402f-1f6c"
last-modified: Mon, 04 May 2020 16:17:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9731662
expires: Tue, 05 Sep 2023 09:09:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDO9h2w89l0379BFrpAQXLdharRC8e7ikrZiE3HMMX8RxvHp%2FGu6HHB691y%2BuVaJth7AvXkWU3l9f29Db7eAeWWNvO41TRuJdGTNZULrkC1z28COMZjUZrvlLNAPfoVGD%2Bfu1t%2F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b0395c3b4db527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ed97a4b82680caefc4ffdebf786e12fc
a638a68f346844709bac57a92bf3d2c28043165e
b81ed44963f5d8b54c62e7fe18db301d3c8eeaf8fbbfb099270562156e12fdc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?hl=it&ver=6.0.2
200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=it&ver=6.0.2
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash a797b85af2f6d3de432b948988a5d362
28f4e9611ac8b9a43b26865bcfe774153cad6543
e1d623d5a41e28c87af3f4c2af30c83ff5b0900e5db6eb316f5e0dfa9954d61b
GET /recaptcha/api.js?hl=it&ver=6.0.2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 15 Sep 2022 09:09:32 GMT
date: Thu, 15 Sep 2022 09:09:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ginospa.com/wp-content/themes/ginospa2016/dist/images/logo/1x/logo-gino-spa.png
200 OK 10 kB URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/images/logo/1x/logo-gino-spa.png
IP
File type PNG image data, 140 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash 529dbb00e916686c09bceac792efe578
e22f1bf266b58272c9d529815e6dca7b305a7f9e
39c1010dbecfefebcf56b96c687e51588cac2e658b17cbf1875ad6010329b771
GET /wp-content/themes/ginospa2016/dist/images/logo/1x/logo-gino-spa.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/png
content-length: 10525
last-modified: Tue, 03 May 2022 13:35:40 GMT
etag: "62712fac-291d"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/themes/ginospa2016/dist/images/logo/logo-gino.png
200 OK 19 kB URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/images/logo/logo-gino.png
IP
File type PNG image data, 150 x 150, 8-bit/color RGBA, interlaced\012- data
Hash 6c4d6e084a0b00969106be730fba8d3f
d975bc1371b98df4a51752bf1efe80e1fd41389d
9b12b6b30023227aa6702a2465c56c36d25a4f5092cbd4a4ef50ecd2aad14edd
GET /wp-content/themes/ginospa2016/dist/images/logo/logo-gino.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/png
content-length: 19256
last-modified: Tue, 06 Sep 2022 15:54:00 GMT
etag: "63176d18-4b38"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/top-dealers-logo.png
200 OK 4.7 kB URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/top-dealers-logo.png
IP
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash e9fa7a27cf4cf7d2254c2b06a1095196
2ccfbf3ca29fc49de3486ddeb4260da59cb17f03
a748bb98a184ce440e36f1ed8a819768a6968632add770b635e777549acd867e
GET /wp-content/themes/ginospa2016/dist/images/content/top-dealers-logo.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/png
content-length: 4693
last-modified: Tue, 06 Sep 2022 15:54:00 GMT
etag: "63176d18-1255"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.6
200 OK 13 kB URL HTTP/2 www.ginospa.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.6
IP
File type ASCII text, with very long lines (44300), with no line terminators
Hash 4d1f860ce6bbc86e7269906ebf4c8471
774f9d228a83fea963f657adcdfc7bd67ce577fd
1d2693b0faf2402df6d40e23cc3692160c9b7f0200c68240a50ec21fc4d236dc
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.6 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 22:23:23 GMT
vary: Accept-Encoding
etag: W/"630beadb-ad0c"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
200 OK 2.0 kB URL HTTP/2 www.ginospa.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP
File type ASCII text, with very long lines (4875)
Hash 9a5a1ffb39b11bd795935974c00aa565
3affcc208f47208c50e0b58b8eb683c28861d4b1
c913524394fe44b5353bce8100ce22256ffe01a41b6b6eea6ee59c3dc8fbd773
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 06:36:37 GMT
vary: Accept-Encoding
etag: W/"628f1ff5-132e"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 10d051ee571c9961a75cc69896f015d9
fa0bac081ed046428c8b9ca173c8de02d4e4ee73
1118675f459294954b08635e5871b0a46a49c0640caac5f5eb2a38474a6c2bb2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1118675F459294954B08635E5871B0A46A49C0640CAAC5F5EB2A38474A6C2BB2"
Last-Modified: Wed, 14 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8831
Expires: Thu, 15 Sep 2022 11:36:43 GMT
Date: Thu, 15 Sep 2022 09:09:32 GMT
Connection: keep-alive
www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/menu-icon-formule.png
200 OK 1.1 kB URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/menu-icon-formule.png
IP
File type PNG image data, 26 x 21, 8-bit colormap, non-interlaced\012- data
Hash 1babefec46c351b909d7f6424f7f9a62
77d1dcd6ff2b695863c9c643f52cfb46a192abdb
3013526a414cdd870ee4ff3ab128430e63abb442b191a96f729f7baba5fc57dc
GET /wp-content/themes/ginospa2016/dist/images/content/menu-icon-formule.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/wp-content/themes/ginospa2016/dist/styles/main-a11350d929.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/png
content-length: 1117
last-modified: Tue, 06 Sep 2022 15:53:59 GMT
etag: "63176d17-45d"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/menu-icon-shop.png
200 OK 502 B URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/menu-icon-shop.png
IP
File type PNG image data, 18 x 22, 8-bit colormap, non-interlaced\012- data
Hash ad4985cf75980bfa0871b693a6fce5ab
9a7347e79db66a80d07c7f76e0934dbf49ffa6b0
ca7d491e60921c91c5ca45edcfbb2d9a390e11af0881d899a9c51415aa267e43
GET /wp-content/themes/ginospa2016/dist/images/content/menu-icon-shop.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/wp-content/themes/ginospa2016/dist/styles/main-a11350d929.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/png
content-length: 502
last-modified: Tue, 06 Sep 2022 15:54:00 GMT
etag: "63176d18-1f6"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WM759G
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WM759G
IP
File type ASCII text, with very long lines (10385)
Hash 03568c231b6387d819ee3127b3c70f4e
b29213de57068aad890d68ac30388f47494496e4
2ecf0732c6469b2476237ec9432ed4b4d26617b63758933e7b989d3df3aa4a96
GET /gtm.js?id=GTM-WM759G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 09:09:32 GMT
expires: Thu, 15 Sep 2022 09:09:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/menu-icon-heart.png
200 OK 309 B URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/images/content/menu-icon-heart.png
IP
File type PNG image data, 28 x 25, 8-bit colormap, non-interlaced\012- data
Hash 03e6f2095441867473973f1a1b00457f
266bc05f7b2a9a75b88bbfa54557fe9cd511538b
cd7950930c0fd315c8974c3f8071d96ca02a202d1d525febc6d10fc1c590bb16
GET /wp-content/themes/ginospa2016/dist/images/content/menu-icon-heart.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/wp-content/themes/ginospa2016/dist/styles/main-a11350d929.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/png
content-length: 309
last-modified: Tue, 06 Sep 2022 15:54:00 GMT
etag: "63176d18-135"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
200 OK 11 kB URL HTTP/2 www.ginospa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
File type ASCII text, with very long lines (43771)
Hash 801b1891bb168e2938eee6280f6c24c2
6f508f24f4c6f6456ad4c5951e13a652dd26f45b
3c511b98c89c493cbd4b5d2dee0ef28213dd74b52bdc527850b23e73dacb880e
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2022 01:10:59 GMT
vary: Accept-Encoding
etag: W/"62e090a3-15b64"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 8.6 kB URL HTTP/2 www.ginospa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 53ad1466057d03492ec21b56ec8eb24c
3dd7391db172ddf2328cb85801336656f5e50299
83c8563fb7211277a52b0a56f90c5767e9278b535077854302dafb9a37d61ce9
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Tue, 15 Dec 2020 15:42:58 GMT
vary: Accept-Encoding
etag: W/"5fd8d982-2bd8"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
web.webpushs.com/js/push/bc022c5e52f08e7ff4fcd46b74610601_1.js
200 OK 39 kB URL HTTP/2 web.webpushs.com/js/push/bc022c5e52f08e7ff4fcd46b74610601_1.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (34908)
Hash 4edd93551ac8ca9343937a76e7bd9f4e
0e1f643e26ab3eedc15a0a0cf77992883a0da1c5
e2227f4637ad9d97c110ef1b89775617642852de98a018650f77931654528a22
GET /js/push/bc022c5e52f08e7ff4fcd46b74610601_1.js HTTP/1.1
Host: web.webpushs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Thu, 25 Nov 2021 11:17:26 GMT
etag: W/"1cfc6-5d19b1e93a978"
vary: Accept-Encoding, Accept-Encoding,User-Agent
access-control-allow-origin: *
x-sp-ma: sp-ma-2
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: Thu, 22 Sep 2022 09:09:32 GMT
cache-control: max-age=604800
x-sp-pr: lpr7
x-accel-expires: @1663837772
server: CDN77-Turbo
x-77-nzt: AblMCQ3TgReh
x-77-nzt-ray: 47TKIBNfscA
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ginospa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 50 kB URL HTTP/2 www.ginospa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 76e1760c4a9b9106807ecb8946a9c1df
307d82048efca04d63da02574f4885291d460d14
d0965499aafc477062f2b6eeb6df8bc041ea0dbeb7905ea7b0f3c45f9504af61
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 20:34:38 GMT
vary: Accept-Encoding
etag: W/"60f884de-15db1"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
sdk.privacy-center.org/9b248138-4af1-4e45-bbec-34b534d0f290/loader.js?target=www.ginospa.com
200 OK 3.3 kB URL HTTP/2 sdk.privacy-center.org/9b248138-4af1-4e45-bbec-34b534d0f290/loader.js?target=www.ginospa.com
IP
File type Unicode text, UTF-8 text, with very long lines (13503), with no line terminators
Hash da54ebcbd7c4751cd5b9578df07b4fb5
ef87d39b44d0d990bfb79d8186f8dd6f62923497
f8bc3fadb898e2a95adfaf8d2ae7999d378a2823dce989e9ab09f645d17f9579
GET /9b248138-4af1-4e45-bbec-34b534d0f290/loader.js?target=www.ginospa.com HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3347
server: CloudFront
date: Thu, 15 Sep 2022 09:09:32 GMT
x-didomi-remote-config-source: Lambda
content-encoding: gzip
cache-control: max-age=7200, public
etag: "c6917f6800b0098148c9ffd9c5fbce4c"
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DrT_87XZhCYQsjwI7ipvjKRQxpYLEUcJDJcgqHZ8OwIjtZc2FTUkIw==
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.6
200 OK 63 kB URL HTTP/2 www.ginospa.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.6
IP
File type ASCII text, with very long lines (1840), with no line terminators
Hash 7b0f9b6a1e82d79838c080859d60add3
ffc77f5a6bde4702837114c12b98ecbd774c0210
ec3d4a08a98886406eed4d07b15ba7ec038417bacd9be4f5adb06a59315ba06b
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.6 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 22:23:23 GMT
vary: Accept-Encoding
etag: W/"630beadb-730"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 21 kB URL HTTP/2 www.ginospa.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
File type ASCII text, with very long lines (6475), with no line terminators
Hash f8ae1a44f6ac2f068a59a400c14b8426
bc7e2fc2b3b64e037e8d051a2fc554b40cc10369
2b32ecd613e5e01ff2857eef027575dd004366f7484e22b87b945e10113db6d5
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 06:36:37 GMT
vary: Accept-Encoding
etag: W/"628f1ff5-194b"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/uploads/2022/08/Banner_Mercedes_2022-08-29_NuovaGLC-1536x768.jpg
200 OK 200 kB URL HTTP/2 www.ginospa.com/wp-content/uploads/2022/08/Banner_Mercedes_2022-08-29_NuovaGLC-1536x768.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1536x768, components 3\012- data
Size 200 kB (199952 bytes)
Hash e6901594849c779f5d35e855becc2abc
ed26a7ca38e5ab7ceb3e4f1878ebd89b41ab7491
98dabc2225f0db64c4710decaab845712969bd6f9dbf7a891e2b073d989d8c9d
GET /wp-content/uploads/2022/08/Banner_Mercedes_2022-08-29_NuovaGLC-1536x768.jpg HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/jpeg
content-length: 199952
last-modified: Mon, 29 Aug 2022 10:02:37 GMT
etag: "630c8ebd-30d10"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6312a93e2d657aaacc1687023b1da43c
1a945152621b78320bf9b080adae963664821d42
c2ed07955ed08c1f68fbc864fdecca2b8d0be47519d369778f6dcdcff606cd0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 09:09:32 GMT
Last-Modified: Thu, 15 Sep 2022 08:10:35 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qRiINCkcrk8chC0lJoiEMOxy66c4xQsFMPLSlE6ICl4wZ-CszLA2xg==
Age: 3537
webmessenger.ekonsilio.io/manifest.json
200 OK 56 B URL HTTP/2 webmessenger.ekonsilio.io/manifest.json
IP
File type JSON data\012- , ASCII text
Hash 3f3f2cb4858934a4367c28c163466ea2
d8f45f27635f439da78489348299e155bcbe9187
0dcefa3b60e2a64c8042b2e8e83d32f0947acb9c12b6f18b8b9c3cf00f81a216
GET /manifest.json HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 56
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:02 GMT
accept-ranges: bytes
date: Thu, 15 Sep 2022 09:09:32 GMT
cache-control: public, max-age=10
etag: "6321b55e-38"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 26bnUcDwvoPf2mcKqDHQ0QAu12M4qnBK39rIU2J-kSfdPHqKflOqfA==
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fa93363cbf33e6924b28be5605efa7f5
ac0c0ea57b0c156523116661afe2d5b604bc9169
14928eb3ed490a2aa3b27ebc982e4fc5f08fe39299a16673a8fae64cca1e44bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14928EB3ED490A2AA3B27EBC982E4FC5F08FE39299A16673A8FAE64CCA1E44BB"
Last-Modified: Wed, 14 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3313
Expires: Thu, 15 Sep 2022 10:04:45 GMT
Date: Thu, 15 Sep 2022 09:09:32 GMT
Connection: keep-alive
cert.home4four.com/v2/pxjs/px.js
200 OK 5.0 kB URL HTTP/1.1 cert.home4four.com/v2/pxjs/px.js
IP
Hash c51b5bc5758418ed6e648bed1af57d49
c1e6320c0831b920652802818bf7e38ac97f357d
dcd6bdb94fed88a709baade496b3460cf980f0956414719d3067e6331eebf30a
GET /v2/pxjs/px.js HTTP/1.1
Host: cert.home4four.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 09:09:35 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Wed, 09 Jun 2021 09:35:41 GMT
ETag: "4a1cdb-138f-5c451ff7f6f50"
Accept-Ranges: bytes
Content-Length: 5007
X-Robots-Tag: noindex
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript
webmessenger.ekonsilio.io/static/js/main.0159f592.js
200 OK 183 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/main.0159f592.js
IP
File type ASCII text, with very long lines (65465)
Size 183 kB (183090 bytes)
Hash cb72b35dc605d587bf13305523ad2c50
91587851e5a773e50c0757b9cfd1b7a5f84e6865
1a760fb62d3777b582c98231b35e23aa54f7ba4a2d88176cb801cc58a35b6a33
GET /static/js/main.0159f592.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 183090
date: Wed, 14 Sep 2022 11:54:18 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-2cb32"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o6W_omQHhWYLRHmaY6hjIi1utQWki61y3QeBwwPyPk5PnULJZOUICQ==
age: 76515
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13396
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:09:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13396
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:09:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13396
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:09:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13396
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:09:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f42b72c3fd66a6758ebcf0ca8cc1a046
13d42d455f5131b7b861b97eb3f0e91236d4d222
4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10633
x-amzn-requestid: 2a8ec7f2-8704-440e-9966-ae4643d6aa5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YdyhcF6RIAMFTEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322313c-4d1bfab72580e62231978193;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 19:53:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Dr0K5GobFSc2ooWzPsbe6tfoTbF_NglaVuT8z-cM-B0AufMh_PohhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 46100
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0nTpbTo79RT78Sin1pTWaq4pRKWZyqnBkZCT2p66wWoW-A1OScJmIg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:09 GMT
age: 46104
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
webmessenger.ekonsilio.io/static/js/279.52d09d86.chunk.js
200 OK 328 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/279.52d09d86.chunk.js
IP
File type ASCII text, with very long lines (65460)
Size 328 kB (327967 bytes)
Hash 2b4a2e3a8a4000ace40000a1a47f61a1
69be6aa44ce181fa0a7abdfd75a2b0ffd09e7203
412aa2d54a0cb2a3c78c3d5168c8210f8e8555839ab756d8353910c24b26d0aa
GET /static/js/279.52d09d86.chunk.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 327967
date: Thu, 15 Sep 2022 04:15:20 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-5011f"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rtCXDHenXOQkRf892xO2uF3EJDZZJj8GpLIVL5PX9aavbSRFZDEN2Q==
age: 17653
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aaf675adec05212317877a5f479d11a7
cab4d850cd2bc5b3e1570ae837a58382e6eae5ec
cb4eb5b406f1ec01e3094d0519d8e4e7a469056bb898e2c47d48378e4b2b261d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3951
x-amzn-requestid: 65c15365-1bff-4dd2-a651-33683a033e05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9_oHP_oAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184397-148253910e5cd21b0e436b09;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:09:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzHSKob2n4WsbIoi6eJdCptVrefJxBEVANMp-WZSm6HsOI7bPUwaDA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:19:28 GMT
age: 39005
etag: "cab4d850cd2bc5b3e1570ae837a58382e6eae5ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
webmessenger.ekonsilio.io/static/js/69.8c1d1fd8.chunk.js
200 OK 21 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/69.8c1d1fd8.chunk.js
IP
File type ASCII text, with very long lines (20697)
Hash 8e4f1e775549df9fe1753698c4f2f8ab
8369545329d08397a0e13860a402c6eba955b876
e5e10dc211db9c28910d566a4372ccf35d92c391960bfd850b702aacd211d0a3
GET /static/js/69.8c1d1fd8.chunk.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 20743
date: Wed, 14 Sep 2022 11:54:18 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-5107"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jV5v-B97WXyM1fQA1SADdZoRDfU3r7YvvVfpg1URaOqCo0Gg26cONg==
age: 76515
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebe7a0235de91cc1bf4cc6baecbf43f5
fb0078b3be78ca41f46c102148b9e801cfacba8e
6b35ef88d4ca58338480a87d0b0143fc4e1885427735d5ea48ba6e99aa882678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9630
x-amzn-requestid: c48fade7-f2d1-480e-a411-9bfd080b4b92
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXwx8Fe-oAMFtiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fc80c-20c8930c7269503e6195fe72;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 00:00:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bFdVw0FZgpuFUOM1MQPSvXByye8bqcrEXDc6O3rFwQKgUOvLxoT7Xg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:39:14 GMT
age: 79183
etag: "fb0078b3be78ca41f46c102148b9e801cfacba8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 6a307dbf-af18-4b40-a2c4-cda4a6e302d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLe84HUzIAMFkUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631adeb8-166dc8b954f4e5b50a0843de;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 06:35:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qQaQeJRgo5OcpjqbzgyZQCl-pYpvj6P_aoB07WGfV0YXyZqv4AQNCg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:17 GMT
age: 41236
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e21b4ebb90b6213641c2a966902ca110
a1189f605195854b313b68f653021c458cf99045
399d102ba6a26ec97c9292f6b8ed509bff937b987fc3ef0678eb49bed1dd45cd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 09:09:33 GMT
Last-Modified: Thu, 15 Sep 2022 08:02:46 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hu0bxpgjxxCCtFEfDZMq1SvgpTJ-yB7WU78-BET2YI8m9wnx-h2OZw==
Age: 4007
files.ekonsilio.io/files/webmessenger-styles/62aaf07441b0ab000734044d
200 OK 8.6 kB URL HTTP/2 files.ekonsilio.io/files/webmessenger-styles/62aaf07441b0ab000734044d
IP
Hash 5e73282d60f4997d2119c6a92eeb7b05
2939cfac1f1189c11d4dab75039966b5909eb1af
8bc1d2d45691d3566c9fd6c70398760ed3fb946e0a89c45fff5728c1b268dee2
GET /files/webmessenger-styles/62aaf07441b0ab000734044d HTTP/1.1
Host: files.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:33 GMT
content-type: text/css
x-request-id: 08f640d7-db8e-4b95-bcab-c1fcf0089911
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.simplelocalize.io/11494a5a46f54bf2a46c2767c73626b0/_production/_index
200 OK 7.9 kB URL HTTP/2 cdn.simplelocalize.io/11494a5a46f54bf2a46c2767c73626b0/_production/_index
IP
File type JSON data\012- , Unicode text, UTF-8 text
Hash a14f119a95c05ebec16851b4d697c4e5
bb50b2990168fefdb6344908aece0e53fc324d0e
6083091cc7803d0f1ab7792e5bee60d157f5503d41334daaf32b25b654634414
GET /11494a5a46f54bf2a46c2767c73626b0/_production/_index HTTP/1.1
Host: cdn.simplelocalize.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ginospa.com/
Origin: https://www.ginospa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:33 GMT
content-type: application/json; charset=utf-8
content-length: 7873
x-amz-id-2: 71hzOWF5Vfx57Ej8CiIrp3fr9e4dLnp4jmi+YmV46wAz1hgIhoYwG+/MVGNzzBUWf7r0CL5JwZQ=
x-amz-request-id: WQ0WANRCHE50CA47
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=120
content-encoding: utf-8
last-modified: Mon, 29 Aug 2022 00:51:46 GMT
etag: "a14f119a95c05ebec16851b4d697c4e5"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkRiGvj7vreZKvjTCXdTRSqSMuBFg630UipltjNz6EecXWOFScPRTV%2FPuwi5b0sEwT62NHW%2BOaoKv0po%2FU470Hf9sbLK2p1kIAvDDuK%2FE6sZ3lIihrWIoHjPmciLPoonxIBgUzZavg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74b039636a87b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 845d3c97bae23faa77d49c3611a1553a
f81adb5532bdfd34fabb8acbbc5d99f5acfe699b
990161346a4e8ed5856dac885d251ab2857187b53f5468d46b2b17a7957f5c5a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "990161346A4E8ED5856DAC885D251AB2857187B53F5468D46B2B17A7957F5C5A"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9223
Expires: Thu, 15 Sep 2022 11:43:16 GMT
Date: Thu, 15 Sep 2022 09:09:33 GMT
Connection: keep-alive
webmessenger.ekonsilio.io/static/js/517.9bd29b91.chunk.js
200 OK 94 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/517.9bd29b91.chunk.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash fad57b04f1dad18f3ae898b212f99333
5e5a01c211cb4713da1c5bf69c6a5c9d46e96536
0a04358d1b5e04b805aa44ceac083d489f0c4bd1a6623222d606881b30aa4946
GET /static/js/517.9bd29b91.chunk.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 93760
date: Thu, 15 Sep 2022 01:29:03 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-16e40"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HYQemjjpJrlXHUUgGiVXbzIeX9wZAFYg0RsS9_5hOkbBZ6EjuKIk-w==
age: 27630
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
webmessenger.ekonsilio.io/static/js/329.ffa732d5.chunk.js
200 OK 4.9 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/329.ffa732d5.chunk.js
IP
File type ASCII text, with very long lines (4813)
Hash 8987889db6493510a780d8d6650d6705
a746bd7a0e650991749ed597b99c0cbee2e0e2cd
15cdef16bab2deef942fae3ae477ed9dc2efa9de96e3769bcad81e6be9d019b3
GET /static/js/329.ffa732d5.chunk.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4860
date: Thu, 15 Sep 2022 03:08:32 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-12fc"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qzazmjHKEtuhLBZ2KHpug3vZWupZ9KGxMRvSx3L8c8c7GAx4XLVZkg==
age: 21661
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 47f8782bcd01d44097a8decfe6e00a1c
72c3a52a87f4b656772c500f99c0aa48262f5405
9249bf3c142678385e8db67693371798d1757d345b4de54896f4b163dbb9917c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161286
Date: Thu, 15 Sep 2022 09:09:33 GMT
Etag: "6322ad3a-1d7"
Expires: Sat, 17 Sep 2022 05:57:39 GMT
Last-Modified: Thu, 15 Sep 2022 04:42:34 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 38PWzZY33ASY0hU1KOuLnTr9SNpu5M-iuxxuzF3Z2iAty0P0N996QA==
Age: 4505
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=26950
date: Thu, 15 Sep 2022 09:09:34 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 15 Sep 2022 08:41:12 GMT
expires: Thu, 15 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 1702
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ginospa.com/wp-content/uploads/2016/10/cropped-favicon-1-192x192.png
200 OK 26 kB URL HTTP/2 www.ginospa.com/wp-content/uploads/2016/10/cropped-favicon-1-192x192.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash dcbc9f26ea5d9c5b4c0bc1671e305326
502e7e37f14677dc10274b65258d983220080357
35d1faafd07252722c0e0ef3af6a0c9d01ebfcb475c01e47ca33d875375273e0
GET /wp-content/uploads/2016/10/cropped-favicon-1-192x192.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Cookie: didomi_token=eyJ1c2VyX2lkIjoiMTgzNDA2OGQtZGI4ZS02OWNkLWIxOGQtYTE3OWI5YjM1ZmQzIiwiY3JlYXRlZCI6IjIwMjItMDktMTVUMDk6MDk6MTcuOTQ1WiIsInVwZGF0ZWQiOiIyMDIyLTA5LTE1VDA5OjA5OjE3Ljk0NVoiLCJ2ZXJzaW9uIjpudWxsfQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: image/png
content-length: 25695
last-modified: Mon, 17 Oct 2016 07:38:51 GMT
etag: "5804800b-645f"
expires: Fri, 15 Sep 2023 09:09:34 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/uploads/2016/10/cropped-favicon-1-32x32.png
200 OK 1.3 kB URL HTTP/2 www.ginospa.com/wp-content/uploads/2016/10/cropped-favicon-1-32x32.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 524d463306f5b47fab0bc4fd67f4538d
10c04cbd109d67ded018f12ceab4e4b977d99af4
630deec19af170935a2dde71a098eaef0eada95257888b1e7e9e9791e9a717e0
GET /wp-content/uploads/2016/10/cropped-favicon-1-32x32.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Cookie: didomi_token=eyJ1c2VyX2lkIjoiMTgzNDA2OGQtZGI4ZS02OWNkLWIxOGQtYTE3OWI5YjM1ZmQzIiwiY3JlYXRlZCI6IjIwMjItMDktMTVUMDk6MDk6MTcuOTQ1WiIsInVwZGF0ZWQiOiIyMDIyLTA5LTE1VDA5OjA5OjE3Ljk0NVoiLCJ2ZXJzaW9uIjpudWxsfQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: image/png
content-length: 1306
last-modified: Mon, 17 Oct 2016 07:38:52 GMT
etag: "5804800c-51a"
expires: Fri, 15 Sep 2023 09:09:34 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
webmessenger.ekonsilio.io/static/js/529.ded56536.chunk.js
200 OK 82 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/529.ded56536.chunk.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1aed470b7df15ccd85acd60808639105
fae827fe4a3778eb4197b4bd636b20d97c687f46
71268f5f02ffbcf610aa2918bbdfc43fd174c324304df4bf4fe598f84dd2fe5c
GET /static/js/529.ded56536.chunk.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 82094
date: Thu, 15 Sep 2022 04:25:14 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-140ae"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KlS5_5nyUeUVdmJgLMCNmk-yPL0gCYq3a7pSvQ1cMvyNLGympCDHpw==
age: 17060
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
webmessenger.ekonsilio.io/static/js/722.7e6518f5.chunk.js
200 OK 2.2 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/722.7e6518f5.chunk.js
IP
File type ASCII text, with very long lines (2107)
Hash 80cb337bd0af67d86dd778eae7d51bee
93c158ddd123957032e6545681a0d97a0005f131
f343821e536410f47c65d070f3a18a80b065be2d76ecdd55bf1a50febeabccfe
GET /static/js/722.7e6518f5.chunk.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2154
date: Thu, 15 Sep 2022 05:04:34 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-86a"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zz7J_NCroGS5Yizvxd8D4I7qToJ6cJOtuHnWD64ZpQGxQoTBLhV0cA==
age: 14700
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__it.js
200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__it.js
IP
File type ASCII text, with very long lines (680)
Size 158 kB (158162 bytes)
Hash be8572994d6be6238204f7c9bf5ffd8e
c5416cab95ed2287fc5b7909362cd7826681847e
ed21d7a65384efb71667defe2183225ecc8c040e5c9c0f4dd8c89a90a490742e
GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__it.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 20:17:04 GMT
expires: Wed, 13 Sep 2023 20:17:04 GMT
cache-control: public, max-age=31536000
age: 132750
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js-tag.zemanta.com/zcpt.js
200 OK 3.7 kB URL HTTP/2 js-tag.zemanta.com/zcpt.js
IP
Hash 11d4f55c21f995a2e2cc6f49ddb2731a
79a41bad08c20da6073920d5e686d474abcb127d
999f6f0db4de745a8d71b44d6997f5acd0e97a866a07f454fd432709c69d7df1
GET /zcpt.js HTTP/1.1
Host: js-tag.zemanta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: application/javascript
x-amz-id-2: /aaBaQKaygIqSEaGz63ohFGe+Ardx83cGJlnRvT1wVyx6urCiyClsVTuiVMHeIltOTQ9OsvDxwg=
x-amz-request-id: HGTTK1W16QQM60WZ
last-modified: Tue, 13 Sep 2022 07:47:59 GMT
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6259
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b0396889d6b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
webmessenger.ekonsilio.io/static/js/856.24f4eef7.chunk.js
200 OK 6.3 kB URL HTTP/2 webmessenger.ekonsilio.io/static/js/856.24f4eef7.chunk.js
IP
File type ASCII text, with very long lines (6208)
Hash 2f0d430d7eeb2f350928e3c1143feea3
bd8ed60a9c343275b5875d0055c4eee022d345f4
d087bad5214609330a0a1fedf1edf6d2447d35c4ece04e3072800d3943ee6a50
GET /static/js/856.24f4eef7.chunk.js HTTP/1.1
Host: webmessenger.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 6255
date: Thu, 15 Sep 2022 05:04:34 GMT
server: nginx/1.23.1
last-modified: Wed, 14 Sep 2022 11:05:01 GMT
etag: "6321b55d-186f"
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zwrslap5Bj_xzFEWAksYyjJVEdYoTJnpOVt7FKiOYdQyPSwIIc03Cw==
age: 14700
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/plugins/easy-swipebox/public/css/swipebox.min.css?ver=1.1.2
200 OK 8.9 kB URL HTTP/2 www.ginospa.com/wp-content/plugins/easy-swipebox/public/css/swipebox.min.css?ver=1.1.2
IP
File type ASCII text, with very long lines (4308), with no line terminators
Hash c2d3fd8a3efb1833053beac77ccddea9
eb6d2163f3dbcd8b3cac3939218e1211fa0d2dd9
f6eb0ff2e30051d743e5be68c343cdbe76dd2a91e2a95747cbab537587a32306
GET /wp-content/plugins/easy-swipebox/public/css/swipebox.min.css?ver=1.1.2 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: text/css
last-modified: Mon, 08 Mar 2021 08:30:12 GMT
vary: Accept-Encoding
etag: W/"6045e094-10d4"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
js-eu1.hsadspixel.net/fb.js
200 OK 25 kB URL HTTP/2 js-eu1.hsadspixel.net/fb.js
IP
File type ASCII text, with very long lines (5272)
Hash ba4cbb9dae2669e3b32f3362851d225c
fd7733d130a6f1a6f62958ef49e73df9670cbad6
2d183e7dcf27fddf4f4b1b60d5d17ad6edc8ba4df10473b2b307912ff7eb54a7
GET /fb.js HTTP/1.1
Host: js-eu1.hsadspixel.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Aug 2022 02:24:13 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 7UJo2wwrqBK17_VnZoHwOb7a4zSK2Hcf
etag: W/"b87a46225f6f8c23b129956fa811f1ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: quTYyJH-faxOXhiEOerqiqr-FpOCPiUzKIkcdJ5c92KEJsSRySeovQ==
age: 212
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.291/bundles/pixels-release.js&cfRay=74b0343b79fa98ee-FRA
x-hs-target-asset: adsscriptloaderstatic/static-1.291/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 74b03969df280d36-ARN
content-encoding: br
X-Firefox-Spdy: h2
js-eu1.hs-banner.com/25303312.js
200 OK 15 kB URL HTTP/2 js-eu1.hs-banner.com/25303312.js
IP
File type Unicode text, UTF-8 text, with very long lines (60657)
Hash 812c0d35cd37bb7cbe1fec78ba38f11a
0f8978b5c9dfbff03eff4a92faeee8ef5b3cc930
3b069837663b8b0cf1c07a5656206c8de5145fccb942ac6a5a9f87b18b31ce35
GET /25303312.js HTTP/1.1
Host: js-eu1.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: 1Wri14r6Pvs0fn23oeL9SRe3yNYCNVV6HCHT1gge0eI3D1k8ZZlovcEdqjqJgc9Sm9zpm4FptFU=
x-amz-request-id: W4RMGW3K40KNZSC0
last-modified: Tue, 30 Aug 2022 21:38:56 GMT
etag: W/"1e87646ff524bdb6afe4f0a75b34b9b8"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: WZBhHXpoEKn0jskFdH.YUHHGHhu3EQTh
access-control-allow-origin: https://www.ginowrc.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Thu, 15 Sep 2022 09:14:34 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b03969ea4d95fd-ARN
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 419856
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 00:48:31 GMT
expires: Sat, 09 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 548463
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p1.zemanta.com/v2/p/js/50430/PAGE_VIEW/?bust=04462531992034109&optOut=false
200 OK 26 B URL HTTP/2 p1.zemanta.com/v2/p/js/50430/PAGE_VIEW/?bust=04462531992034109&optOut=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /v2/p/js/50430/PAGE_VIEW/?bust=04462531992034109&optOut=false HTTP/1.1
Host: p1.zemanta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: image/gif
content-length: 26
x-robots-tag: none
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b0396a5bc3b4f4-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23716524-1&cid=1861397205.1663232959&jid=290295532&gjid=569645837&_gid=708035365.1663232959&_u=YEBAAEAAAAAAAC~&z=1444628202
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23716524-1&cid=1861397205.1663232959&jid=290295532&gjid=569645837&_gid=708035365.1663232959&_u=YEBAAEAAAAAAAC~&z=1444628202
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23716524-1&cid=1861397205.1663232959&jid=290295532&gjid=569645837&_gid=708035365.1663232959&_u=YEBAAEAAAAAAAC~&z=1444628202 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.ginospa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Sep 2022 09:09:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D84054%26time%3D1663232959264%26url%3Dhttps%253A%252F%252Fwww.ginospa.com%252Fbusiness-ncc%252Fmercedes-classe-a-business-e-ncc%252Fnuovo-mercedes-glc%252F%253Futm_source%253Ddatawork%2526utm_medium%253Ddem%2526utm_content%253Dmercedes%2526utm_campaign%253Dglc-gla%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D84054%26time%3D1663232959264%26url%3Dhttps%253A%252F%252Fwww.ginospa.com%252Fbusiness-ncc%252Fmercedes-classe-a-business-e-ncc%252Fnuovo-mercedes-glc%252F%253Futm_source%253Ddatawork%2526utm_medium%253Ddem%2526utm_content%253Dmercedes%2526utm_campaign%253Dglc-gla%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D84054%26time%3D1663232959264%26url%3Dhttps%253A%252F%252Fwww.ginospa.com%252Fbusiness-ncc%252Fmercedes-classe-a-business-e-ncc%252Fnuovo-mercedes-glc%252F%253Futm_source%253Ddatawork%2526utm_medium%253Ddem%2526utm_content%253Dmercedes%2526utm_campaign%253Dglc-gla%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ginospa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=84054&time=1663232959264&url=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&c5b25251-bf43-4354-8a9d-cef740372d9d"; Domain=.linkedin.com; Expires=Fri, 15-Sep-2023 09:09:34 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202209150909341d59a17c-8ced-4741-8768-bed7ee6edfc7AQEZcS03mAaP8Dgzg5zMEWYx_n0ZbSQM"; Domain=.www.linkedin.com; Expires=Fri, 15-Sep-2023 09:09:34 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjMyMzI5NzQ7MjswMjG0jmZVfsWQht0fADHkD/q2Jx3GyCK3oTSVZLyf9AlqIg==; Domain=.linkedin.com; Expires=Tue, 14 Mar 2023 09:09:34 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2384:u=1:x=1:i=1663232974:t=1663319374:v=2:sig=AQGWfyOOg3O-z4HzxrW2DuCAkf99jJ5j"; Expires=Fri, 16 Sep 2022 09:09:34 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXos5ql+9j62V56EQLRyQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E3F5D96D42924170A59AA4569FA5197B Ref B: OSL30EDGE0311 Ref C: 2022-09-15T09:09:34Z
date: Thu, 15 Sep 2022 09:09:34 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=84054&time=1663232959264&url=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=84054&time=1663232959264&url=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=84054&time=1663232959264&url=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ginospa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&ca3a1e3a-6dbb-419b-8ce6-154ddce5273a"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 15-Sep-2023 09:09:35 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2384:u=1:x=1:i=1663232975:t=1663319375:v=2:sig=AQHty9tmp4FufBHOslf3pytuVcIFO97H"; Expires=Fri, 16 Sep 2022 09:09:35 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXos5qofwwlpyE1ohcDVQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7BBF64EC5CC44BB2A9849C10B666F0DF Ref B: OSL30EDGE0311 Ref C: 2022-09-15T09:09:35Z
date: Thu, 15 Sep 2022 09:09:34 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23716524-1&cid=1861397205.1663232959&jid=290295532&_u=YEBAAEAAAAAAAC~&z=980357950
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23716524-1&cid=1861397205.1663232959&jid=290295532&_u=YEBAAEAAAAAAAC~&z=980357950
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23716524-1&cid=1861397205.1663232959&jid=290295532&_u=YEBAAEAAAAAAAC~&z=980357950 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 09:09:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1824046950.1663232960&url=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F>m=2oa9e0&did=dMTc4Zm%2CdZTQ1Zm&gdid=dMTc4Zm.dZTQ1Zm
200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1824046950.1663232960&url=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F>m=2oa9e0&did=dMTc4Zm%2CdZTQ1Zm&gdid=dMTc4Zm.dZTQ1Zm
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G100&gcd=G100&rnd=1824046950.1663232960&url=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F>m=2oa9e0&did=dMTc4Zm%2CdZTQ1Zm&gdid=dMTc4Zm.dZTQ1Zm HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 09:09:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.ekonsilio.com/5e732c663f69f9001682809f-5e732c7b3f69f900168280a0.js
200 OK 1.6 kB URL HTTP/2 script.ekonsilio.com/5e732c663f69f9001682809f-5e732c7b3f69f900168280a0.js
IP
Hash 100f5e19e49838d34e1748b9fadae34d
85144bb4f3e169beadce0fa800451f010dec47be
d95747feefaf35f0842d63ed76e4460be93cf8d7a49a899954545ecb13edf7ac
GET /5e732c663f69f9001682809f-5e732c7b3f69f900168280a0.js HTTP/1.1
Host: script.ekonsilio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript; charset=UTF-8
x-request-id: d929f9d82fc425b200f8067a016b8b64
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
www.ginospa.com/sp-push-worker-fb.js
200 OK 27 kB URL HTTP/2 www.ginospa.com/sp-push-worker-fb.js
IP
Hash 5e87097b0ecaa06ec1c1d4fafed83c00
a74501db400ea6592e40e8faeca8728a064b1a4f
224d1acb5e219846b41e27559831e63c47c805ce0dbddabf5029f17877f1b2f0
GET /sp-push-worker-fb.js HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Cookie: didomi_token=eyJ1c2VyX2lkIjoiMTgzNDA2OGQtZGI4ZS02OWNkLWIxOGQtYTE3OWI5YjM1ZmQzIiwiY3JlYXRlZCI6IjIwMjItMDktMTVUMDk6MDk6MTcuOTQ1WiIsInVwZGF0ZWQiOiIyMDIyLTA5LTE1VDA5OjA5OjE3Ljk0NVoiLCJ2ZXJzaW9uIjpudWxsfQ==; _ga=GA1.2.1861397205.1663232959; _gid=GA1.2.708035365.1663232959; _gat_UA-23716524-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:35 GMT
content-type: application/javascript
last-modified: Mon, 17 Jun 2019 15:13:46 GMT
vary: Accept-Encoding
etag: W/"5d07ae2a-49"
expires: Fri, 15 Sep 2023 09:09:35 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 74cf77ca0dd7e4f96dfea6ceb4536e65
fa0492bed3fa3b15cc0380e3692320088aa7b217
94f64669694fa90640f8ee8c22f1cb792166c18bab72200a991bc6eaf8f09453
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:09:35 GMT
Last-Modified: Thu, 15 Sep 2022 07:52:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
track-eu1.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=25303312&rcu=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F&pu=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&t=Nuovo+Mercedes+GLC+%7C+Gino+Spa&cts=1663232960445&vi=c05cbbc7207a01608d44da9dd9b51be9&nc=true&u=115355353.c05cbbc7207a01608d44da9dd9b51be9.1663232960442.1663232960442.1663232960442.1&b=115355353.1.1663232960442&cc=15
200 OK 45 B URL HTTP/2 track-eu1.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=25303312&rcu=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F&pu=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&t=Nuovo+Mercedes+GLC+%7C+Gino+Spa&cts=1663232960445&vi=c05cbbc7207a01608d44da9dd9b51be9&nc=true&u=115355353.c05cbbc7207a01608d44da9dd9b51be9.1663232960442.1663232960442.1663232960442.1&b=115355353.1.1663232960442&cc=15
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=25303312&rcu=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F&pu=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&t=Nuovo+Mercedes+GLC+%7C+Gino+Spa&cts=1663232960445&vi=c05cbbc7207a01608d44da9dd9b51be9&nc=true&u=115355353.c05cbbc7207a01608d44da9dd9b51be9.1663232960442.1663232960442.1663232960442.1&b=115355353.1.1663232960442&cc=15 HTTP/1.1
Host: track-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:36 GMT
content-type: image/gif
content-length: 45
cf-ray: 74b039779d701695-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Thu, 15 Sep 2022 09:09:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: ac19decd-4cf1-4b24-92d1-cfed1c496ac0
x-robots-tag: none
set-cookie: __cf_bm=4wbEwdwSsLB79pjHeuTQHaQGj0xWEqAh231nJuJXPpg-1663232976-0-AaBBtATPjJQR0x/x8raV88RaXa7t2qfrswCZyGQc4lwmfCax0T11gbQfD2gJ08sigDJ/jsEsELWn9MOoJ+TKLD8=; path=/; expires=Thu, 15-Sep-22 09:39:36 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw8SJr%2B%2FzP4%2FIPsGhAZbA%2FIAyRrhw19nd6I4cD3Zlp7b%2Bea0VLOoKveDehlTtdfKUbalbbxKV2qN1OtB%2BdISgvPBmdO0k3cME9OVuf68OKHfXc%2B0pO4rrFgGpcAgzP7ByiMk1QqcAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=477704512435083&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961595&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=477704512435083&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961595&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
IP
File type gzip compressed data, from Unix\012- data
Hash 1125de4d823d7ae2583da09cfb6b5167
b72b6743a9b7d20e32ad72f7700c96887a99c8e3
faf7b31cc8416d7ce3645151bbd4c09acd3476be04c17c41b566e566e4a34513
GET /tr/?id=477704512435083&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961595&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Thu, 15 Sep 2022 09:09:36 GMT
expires: Thu, 15 Sep 2022 09:09:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=679529393154343&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961598&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=679529393154343&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961598&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=679529393154343&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961598&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Thu, 15 Sep 2022 09:09:36 GMT
expires: Thu, 15 Sep 2022 09:09:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=534708731539662&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961597&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=534708731539662&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961597&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
IP
File type gzip compressed data, from Unix\012- data
Hash e466311a29b28468f68fbf3c0c030788
df16ebe7998efffabc184257a1613cbdc7653a65
75ccf186d07c52f62e79f126247df6d84f10d87c168b317daf7d857434ecd7dd
GET /tr/?id=534708731539662&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961597&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Thu, 15 Sep 2022 09:09:36 GMT
expires: Thu, 15 Sep 2022 09:09:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=942639266354086&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961601&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=942639266354086&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961601&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=942639266354086&ev=PageView&dl=https%3A%2F%2Fwww.ginospa.com%2Fbusiness-ncc%2Fmercedes-classe-a-business-e-ncc%2Fnuovo-mercedes-glc%2F%3Futm_source%3Ddatawork%26utm_medium%3Ddem%26utm_content%3Dmercedes%26utm_campaign%3Dglc-gla&rl=&if=false&ts=1663232961601&sw=1280&sh=1024&ud[external_id]=c05cbbc7207a01608d44da9dd9b51be9&v=2.9.81&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1663232961594.62517911&it=1663232960660&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Thu, 15 Sep 2022 09:09:36 GMT
expires: Thu, 15 Sep 2022 09:09:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
200 OK 35 B URL HTTP/2 forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1
Host: forms-eu1.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:36 GMT
content-type: image/gif
content-length: 35
x-trace: 2B91301B38CA1E844EA409E51C4CB4E9415FB7BE6E000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-hubspot-correlation-id: 245f7cfb-eaf8-4a0f-9d75-b95dac9f6681
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b039788f289927-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=25303312&utk=
200 OK 102 B URL HTTP/2 forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=25303312&utk=
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 874204be6ae7da82dbf23c05c882adfb
0a584d737b23de6bbe2a83ce5a93c5b47e541183
347851242833a61f2b05e38771ba993534e7bb6a9ce7c88bb05331bdd6eb6740
GET /collected-forms/v1/config/json?portalId=25303312&utk= HTTP/1.1
Host: forms-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:35 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-hubspot-correlation-id: 9b30fe26-54fe-47e4-ac6a-cdf73661bddf
access-control-allow-credentials: false
access-control-allow-origin: https://www.ginospa.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=pDj3BNE7YujMf7aF8NH4piuGZEWG.UdTDtdTY79PxJg-1663232975-0-Aaei7aOkaVu5/Zm/os2t/tY8S1QPQeIo69122oV7zA5avzMG6Fvjft3DH52akIoveYcOsgIA4ATqrdW7GbU1Pvk=; path=/; expires=Thu, 15-Sep-22 09:39:35 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8jEWu9ZG7k%2FQZj8dqhsEV1YroE2FMuFtBlm%2FlNsPkynp7fjD82DCrDqyXCDImI5xfnxquq6fCNxnM5T2zajj9Yj%2FAIPtj5ldm82IAZBsM8zvYkqSdontZV%2FHzUGBduDem2RIY3DZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b039715bed95f4-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
web.webpushs.com/dist/css/push/sendpulse-prompt.min.css?v=151665792000000
200 OK 20 kB URL HTTP/2 web.webpushs.com/dist/css/push/sendpulse-prompt.min.css?v=151665792000000
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (48752), with no line terminators
Hash b15aa6dd7e5b361cca526920cb167171
959a2ff58a34e6b618540bb0cc6f0230171897a9
ddca0934c8e17b24f539158a3c939892ad4cff91adfc632672fcc3519accac26
GET /dist/css/push/sendpulse-prompt.min.css?v=151665792000000 HTTP/1.1
Host: web.webpushs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:38 GMT
content-type: text/css
last-modified: Tue, 08 Feb 2022 10:04:32 GMT
etag: W/"be70-5d77ed7f447b8"
vary: Accept-Encoding, Accept-Encoding,User-Agent
access-control-allow-origin: *
x-sp-ma: sp-ma-2
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-sp-pr: lpr7
x-accel-expires: @1664236948
server: CDN77-Turbo
x-77-nzt: AblMCQ3yxML/PoAAAA
x-77-nzt-ray: 5hIgoYUXP5Q
x-cache: HIT
x-age: 32830
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
livechat.ekonsilio.io/style/62aafac19f7bd30007c30e7d?origin=https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
200 OK 0 B URL HTTP/2 livechat.ekonsilio.io/style/62aafac19f7bd30007c30e7d?origin=https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
IP
GET /style/62aafac19f7bd30007c30e7d?origin=https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla HTTP/1.1
Host: livechat.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 15 Sep 2022 09:09:32 GMT
x-request-id: f4478240-aaf2-435c-b6b9-0ce7cd35405c
cache-control: public, max-age=10, must-revalidate
vary: Accept-Encoding
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oGfl_k0HZLEWBcBTI4MXstdEmqN6d93u2odu1dH3Szflb8_TYpPaZg==
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
IP
GET /wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Sun, 19 Dec 2021 23:13:20 GMT
vary: Accept-Encoding
etag: W/"61bfbc90-609e"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 06:36:37 GMT
vary: Accept-Encoding
etag: W/"628f1ff5-27ee"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 06:36:37 GMT
vary: Accept-Encoding
etag: W/"628f1ff5-9cc"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/plugins/blu_veicoli_frontend/bollini.css?ver=1649062018
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/plugins/blu_veicoli_frontend/bollini.css?ver=1649062018
IP
GET /wp-content/plugins/blu_veicoli_frontend/bollini.css?ver=1649062018 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: text/css
last-modified: Mon, 04 Apr 2022 08:46:58 GMT
vary: Accept-Encoding
etag: W/"624ab082-e9b"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
js-eu1.hs-analytics.net/analytics/1663232700000/25303312.js
200 OK 0 B URL HTTP/2 js-eu1.hs-analytics.net/analytics/1663232700000/25303312.js
IP
GET /analytics/1663232700000/25303312.js HTTP/1.1
Host: js-eu1.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:35 GMT
content-type: text/javascript
x-amz-id-2: RSNh72KjW6wiPaj6Jl0TwHdSD6jThZAMr+CHOaughm3mQiACc9woN6vNHmVuIh2CvjN2gkdGGKk=
x-amz-request-id: RV9V88W2KQJ62MY0
last-modified: Wed, 31 Aug 2022 11:59:34 GMT
etag: W/"48b6d45c24a0f0f421ab7b5d686f90ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
expires: Thu, 15 Sep 2022 09:14:35 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b0396f5dbb990f-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/themes/ginospa2016/dist/scripts/main-dbd2cb6090.js
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/scripts/main-dbd2cb6090.js
IP
GET /wp-content/themes/ginospa2016/dist/scripts/main-dbd2cb6090.js HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 15:53:59 GMT
vary: Accept-Encoding
etag: W/"63176d17-1598b"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/plugins/easy-swipebox/public/js/jquery.init.js?ver=1.1.2
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/plugins/easy-swipebox/public/js/jquery.init.js?ver=1.1.2
IP
GET /wp-content/plugins/easy-swipebox/public/js/jquery.init.js?ver=1.1.2 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Mon, 08 Mar 2021 08:30:12 GMT
vary: Accept-Encoding
etag: W/"6045e094-91b"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 06:36:37 GMT
vary: Accept-Encoding
etag: W/"628f1ff5-1f2"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.linkclickcounter.com/url_redirect.php?c=3WmR4vk
302 Found 0 B URL HTTP/2 www.linkclickcounter.com/url_redirect.php?c=3WmR4vk
IP
GET /url_redirect.php?c=3WmR4vk HTTP/1.1
Host: www.linkclickcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 15 Sep 2022 09:09:31 GMT
content-type: text/html; charset=UTF-8
location: http://inmu.wicapaha-ogle.com/aff_c?offer_id=1802&aff_id=1753&source=5234&aff_sub5=56916&file_id=13320&url_id=13386
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm6%2B%2BmvtvYDzXRjxLxH2osGFQSAVWM2mzq2MYCQscijeO%2FQmCAeZIbd5qapyYSy8XmsyxnElQNfWRJu%2F7COGuTMZKSPvly0E3p4E82O1HZ4nDSxZoS8R2cjhqHzE3JbkkR9pr9Y6hvAeY4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74b03954efbab505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/themes/ginospa2016/dist/fonts/icomoon.ttf?lrrxmo
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/fonts/icomoon.ttf?lrrxmo
IP
GET /wp-content/themes/ginospa2016/dist/fonts/icomoon.ttf?lrrxmo HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/wp-content/themes/ginospa2016/dist/styles/main-a11350d929.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/x-font-ttf
last-modified: Tue, 06 Sep 2022 15:53:59 GMT
vary: Accept-Encoding
etag: W/"63176d17-2414"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
livechat.ekonsilio.io/language/62aafac19f7bd30007c30e7d
200 OK 0 B URL HTTP/2 livechat.ekonsilio.io/language/62aafac19f7bd30007c30e7d
IP
GET /language/62aafac19f7bd30007c30e7d HTTP/1.1
Host: livechat.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ginospa.com/
Origin: https://www.ginospa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 15 Sep 2022 09:09:27 GMT
x-request-id: 8d75974a-a0ec-4b26-84af-4aae0ba86c8e
cache-control: public, max-age=10, must-revalidate
vary: Accept-Encoding
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HdbHdG2gLry5R2TjFEYolScO2TcP1ctjSMbxR0xmHbStw2JeosXxgA==
age: 6
X-Firefox-Spdy: h2
api.livechat.ekonsilio.io/integration/62aafac19f7bd30007c30e7d/operator
200 OK 0 B URL HTTP/2 api.livechat.ekonsilio.io/integration/62aafac19f7bd30007c30e7d/operator
IP
GET /integration/62aafac19f7bd30007c30e7d/operator HTTP/1.1
Host: api.livechat.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: application/json; charset=utf-8
x-request-id: 4e919e0b-bebb-41c4-b59e-76945ac4d87d
access-control-allow-origin: https://www.ginospa.com
vary: Origin, Accept-Encoding
access-control-expose-headers:
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-max-age: 3600
X-Firefox-Spdy: h2
js-eu1.hscollectedforms.net/collectedforms.js
200 OK 0 B URL HTTP/2 js-eu1.hscollectedforms.net/collectedforms.js
IP
GET /collectedforms.js HTTP/1.1
Host: js-eu1.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ZLT9hYB7HCxi8kCU9YCfsxB7Feujp8eP8U70jtFqN57xn_qlDUvLkQ==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74ab129b492e10ef-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 54018
server: cloudflare
cf-ray: 74b03969db0f9906-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 06:36:37 GMT
vary: Accept-Encoding
etag: W/"628f1ff5-4ac6"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/sp-push-worker-fb.js
200 OK 0 B URL HTTP/2 www.ginospa.com/sp-push-worker-fb.js
IP
GET /sp-push-worker-fb.js HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: didomi_token=eyJ1c2VyX2lkIjoiMTgzNDA2OGQtZGI4ZS02OWNkLWIxOGQtYTE3OWI5YjM1ZmQzIiwiY3JlYXRlZCI6IjIwMjItMDktMTVUMDk6MDk6MTcuOTQ1WiIsInVwZGF0ZWQiOiIyMDIyLTA5LTE1VDA5OjA5OjE3Ljk0NVoiLCJ2ZXJzaW9uIjpudWxsfQ==; _ga=GA1.2.1861397205.1663232959; _gid=GA1.2.708035365.1663232959; _gat_UA-23716524-1=1; __hstc=115355353.c05cbbc7207a01608d44da9dd9b51be9.1663232960442.1663232960442.1663232960442.1; hubspotutk=c05cbbc7207a01608d44da9dd9b51be9; __hssrc=1; __hssc=115355353.1.1663232960442; _fbp=fb.1.1663232961594.62517911
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:38 GMT
content-type: application/javascript
last-modified: Mon, 17 Jun 2019 15:13:46 GMT
vary: Accept-Encoding
etag: W/"5d07ae2a-49"
expires: Fri, 15 Sep 2023 09:09:38 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
js-eu1.hs-scripts.com/25303312.js?integration=WordPress&ver=8.11.161
200 OK 0 B URL HTTP/2 js-eu1.hs-scripts.com/25303312.js?integration=WordPress&ver=8.11.161
IP
GET /25303312.js?integration=WordPress&ver=8.11.161 HTTP/1.1
Host: js-eu1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:33 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B2B6C97B0F955B45499D5CD23A55BB0E235C8F91B000000000000000000
cache-control: public, max-age=30
vary: Accept-Encoding
x-hubspot-correlation-id: d4004bd8-5171-4b55-b2bd-9abd58d66a39
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.ginospa.com
cf-cache-status: EXPIRED
last-modified: Thu, 15 Sep 2022 08:45:17 GMT
server: cloudflare
cf-ray: 74b03962bc8b9933-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/plugins/easy-swipebox/public/js/jquery.swipebox.min.js?ver=1.1.2
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/plugins/easy-swipebox/public/js/jquery.swipebox.min.js?ver=1.1.2
IP
GET /wp-content/plugins/easy-swipebox/public/js/jquery.swipebox.min.js?ver=1.1.2 HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: application/javascript
last-modified: Mon, 08 Mar 2021 08:30:12 GMT
vary: Accept-Encoding
etag: W/"6045e094-3342"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=25303312
200 OK 0 B URL HTTP/2 api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=25303312
IP
GET /hs-script-loader-public/v1/config/pixel/json?portalId=25303312 HTTP/1.1
Host: api-eu1.hubapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: application/json;charset=utf-8
x-trace: 2B6687690BA576A059EBEC463A08BCD4DDE58AF2FB000000000000000000
vary: Accept-Encoding
x-hubspot-correlation-id: fede451e-1b73-45c8-9cd6-8c4b5b782aae
access-control-allow-credentials: false
access-control-allow-origin: https://www.ginospa.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU0rO9Km8Yr3KHf2OPs26sOLs407HMBlnt7T%2BGik4s2VwRGh%2BhxoMo%2Fghz%2FZCwOr1KQiHGkMQakNNmr3FvGEbNefK0BKlVVIAKkhoVjDEDeQOd%2FxB5H9%2Fo%2FcpIVS381T%2FswZWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b0396a9919fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sdk.privacy-center.org/ui-gdpr-it.6222d536829fa1b71933e82be9a47937fca53799.js
200 OK 0 B URL HTTP/2 sdk.privacy-center.org/ui-gdpr-it.6222d536829fa1b71933e82be9a47937fca53799.js
IP
GET /ui-gdpr-it.6222d536829fa1b71933e82be9a47937fca53799.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 13 Sep 2022 11:20:56 GMT
last-modified: Tue, 13 Sep 2022 11:04:32 GMT
etag: W/"04ff005ff149d069bf8e995c31c51126"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1663066776/ctime:1663066776/gid:0/gname:root/md5:04ff005ff149d069bf8e995c31c51126/mode:33188/mtime:1663066776/uid:0/uname:root
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hFwD9OnHfFMc083DEBLFf1Rt-IeIo8O8VBDNmacpLKPthUsiw6ItEg==
age: 164917
X-Firefox-Spdy: h2
api.livechat.ekonsilio.io/integration/62aafac19f7bd30007c30e7d/behaviors
200 OK 0 B URL HTTP/2 api.livechat.ekonsilio.io/integration/62aafac19f7bd30007c30e7d/behaviors
IP
GET /integration/62aafac19f7bd30007c30e7d/behaviors HTTP/1.1
Host: api.livechat.ekonsilio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ginospa.com
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:34 GMT
content-type: application/json; charset=utf-8
x-request-id: c0902cd8-d92d-4f76-a99e-45ba83a9440d
access-control-allow-origin: https://www.ginospa.com
vary: Origin, Accept-Encoding
access-control-expose-headers:
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-max-age: 3600
content-encoding: gzip
X-Firefox-Spdy: h2
www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
200 OK 0 B URL HTTP/2 www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
IP
GET /business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-enabled: True
link: <https://www.ginospa.com/wp-json/>; rel="https://api.w.org/", <https://www.ginospa.com/wp-json/wp/v2/pages/38702>; rel="alternate"; type="application/json", <https://www.ginospa.com/?p=38702>; rel=shortlink
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/themes/ginospa2016/dist/styles/main-a11350d929.css
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/themes/ginospa2016/dist/styles/main-a11350d929.css
IP
GET /wp-content/themes/ginospa2016/dist/styles/main-a11350d929.css HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 15:53:57 GMT
vary: Accept-Encoding
etag: W/"63176d15-c6136"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.ginospa.com/wp-content/uploads/2022/07/1600-1-940x627.png
200 OK 0 B URL HTTP/2 www.ginospa.com/wp-content/uploads/2022/07/1600-1-940x627.png
IP
GET /wp-content/uploads/2022/07/1600-1-940x627.png HTTP/1.1
Host: www.ginospa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/business-ncc/mercedes-classe-a-business-e-ncc/nuovo-mercedes-glc/?utm_source=datawork&utm_medium=dem&utm_content=mercedes&utm_campaign=glc-gla
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: image/png
content-length: 775396
last-modified: Fri, 15 Jul 2022 10:30:29 GMT
etag: "62d141c5-bd4e4"
expires: Fri, 15 Sep 2023 09:09:32 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.css
200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ginospa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 09:09:32 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"fdfc47d7f4872c3530f2516e9f42a6ed"
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
perma-cache: MISS
x-amz-id-2: Do8mk0MqaxfDBFGdXoCdlY0ZjjAhZcFhCKAtOU7+WP8jqTExBX+xVN/mSbJtHfj1sPLUhOoTWlk=
x-amz-request-id: DFBHR18CVVGEK7SV
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 17:08:47
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 653a3876bb15f7cf412cc8dd86265d75
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
217.160.0.221
104.17.24.14
172.65.240.166
23.36.76.121
185.76.9.18
54.74.34.137
178.255.74.104
93.184.220.29
35.214.203.203
135.125.83.16