kroffers.it/snd/IT---.html
94.23.64.4200 OK 1.2 kB URL HTTP/1.1 kroffers.it/snd/IT---.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (472)
Hash f4a0490e169917a951cb112030836a96
6d38c75a69516659905e86dbe6e59647af80dfda
358cdd678501d0704b17ff3ff69a886bdef1efb36c97ff45f36ebf6bfa479fb1
GET /snd/IT---.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:33 GMT
content-type: text/html
content-length: 1191
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:5F5E_5E174004:0050_63170169_1FF4:2B106
x-iplb-instance: 31974
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 08:04:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WuMwYcfcKjIfD-XQNAIweGtq_diANztL5g5wGkSe5pOhmtT2x-vRcg==
Age: 617
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12758
Expires: Tue, 06 Sep 2022 11:47:12 GMT
Date: Tue, 06 Sep 2022 08:14:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9RwtGJmK3hX-tc5oAJ6XJH4kO2KsBGXu4BCNNOGaUw8jU0mYTV1mBg==
age: 25157
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e496a4ae2f2470f7ba64aeb3b41d6e6
9dc184be61beecbeac392be25cb2d4e0ced8d440
778bb7b7218fa885f5a65ae5d9cd8f872239d549838eef8c9c31fc4033cc6848
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "778BB7B7218FA885F5A65AE5D9CD8F872239D549838EEF8C9C31FC4033CC6848"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Tue, 06 Sep 2022 12:08:10 GMT
Date: Tue, 06 Sep 2022 08:14:34 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e496a4ae2f2470f7ba64aeb3b41d6e6
9dc184be61beecbeac392be25cb2d4e0ced8d440
778bb7b7218fa885f5a65ae5d9cd8f872239d549838eef8c9c31fc4033cc6848
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "778BB7B7218FA885F5A65AE5D9CD8F872239D549838EEF8C9C31FC4033CC6848"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Tue, 06 Sep 2022 12:08:10 GMT
Date: Tue, 06 Sep 2022 08:14:34 GMT
Connection: keep-alive
kroffers.it/favicon.ico
94.23.64.4404 Not Found 196 B IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/snd/IT---.html
HTTP/1.1 404 Not Found
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
server: Apache
x-iplb-request-id: 5B5A2A9A:5F5E_5E174004:0050_63170169_1FF7:2B106
x-iplb-instance: 31974
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e496a4ae2f2470f7ba64aeb3b41d6e6
9dc184be61beecbeac392be25cb2d4e0ced8d440
778bb7b7218fa885f5a65ae5d9cd8f872239d549838eef8c9c31fc4033cc6848
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "778BB7B7218FA885F5A65AE5D9CD8F872239D549838EEF8C9C31FC4033CC6848"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Tue, 06 Sep 2022 12:08:10 GMT
Date: Tue, 06 Sep 2022 08:14:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e496a4ae2f2470f7ba64aeb3b41d6e6
9dc184be61beecbeac392be25cb2d4e0ced8d440
778bb7b7218fa885f5a65ae5d9cd8f872239d549838eef8c9c31fc4033cc6848
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "778BB7B7218FA885F5A65AE5D9CD8F872239D549838EEF8C9C31FC4033CC6848"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Tue, 06 Sep 2022 12:08:10 GMT
Date: Tue, 06 Sep 2022 08:14:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e496a4ae2f2470f7ba64aeb3b41d6e6
9dc184be61beecbeac392be25cb2d4e0ced8d440
778bb7b7218fa885f5a65ae5d9cd8f872239d549838eef8c9c31fc4033cc6848
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "778BB7B7218FA885F5A65AE5D9CD8F872239D549838EEF8C9C31FC4033CC6848"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Tue, 06 Sep 2022 12:08:10 GMT
Date: Tue, 06 Sep 2022 08:14:34 GMT
Connection: keep-alive
kroffers.it/campaign/ToyotaGammaNLSettYarisHybGR.html
94.23.64.4200 OK 6.1 kB URL HTTP/1.1 kroffers.it/campaign/ToyotaGammaNLSettYarisHybGR.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1211)
Hash 89a72dc94d4486e4c95863a6e4d237af
0aa4f554ea49286c5344bcdf882c2c226f4003dc
c27a2c97c010dc42ebfcbea622080ec3c4475f2917ce33eafe2ba0ed0e0f1295
GET /campaign/ToyotaGammaNLSettYarisHybGR.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html
content-length: 6093
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:5F5E_5E174004:0050_6317016A_2006:2B106
x-iplb-instance: 31974
kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
94.23.64.4200 OK 4.0 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (571)
Hash 53fbce0a2d6f8e03235869d432134e21
2eaf9e4fc2f7989ecbde83a34119d660a8b8deac
782159beec3968fd512b47ee1f52d7996eaafb0bc53ba4f7ab43fdb8b750ff4b
GET /campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html
content-length: 4027
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:921C_5E174004:0050_6317016A_8EDE:33D0
x-iplb-instance: 31956
kroffers.it/campaign/Lexus%20CPM%20G3%20Iva%20Settembre%202022_UX_IVARD/Lexus_CPM_G3_Iva_Settembre_2022__Krumbo_Marketing_LTD-Krumbo_Marketing.html
94.23.64.4200 OK 778 B URL HTTP/1.1 kroffers.it/campaign/Lexus%20CPM%20G3%20Iva%20Settembre%202022_UX_IVARD/Lexus_CPM_G3_Iva_Settembre_2022__Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (322)
Hash 834a096deacb9239059a2a57a04c0efd
1c0f0063b5022e5ef2063ae4ef00003f2b21d316
b8db7974957f73918347e8b76b0650a6f03e628bbdf69ad64b5368952b8534d6
GET /campaign/Lexus%20CPM%20G3%20Iva%20Settembre%202022_UX_IVARD/Lexus_CPM_G3_Iva_Settembre_2022__Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html
content-length: 778
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F2BD_5E174004:0050_6317016A_405F:19DAE
x-iplb-instance: 32001
kroffers.it/campaign/ALDcpcP.html
94.23.64.4200 OK 1.7 kB URL HTTP/1.1 kroffers.it/campaign/ALDcpcP.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (645)
Hash 3ca524d0666570449edc0844635d0a71
632ee945d5057f1dcb8d3070d2771212000ea156
1dd41b6a889dff416037ab88f5d6bb7a3fd60fc409e4a2c7c85a8e393219ea5b
GET /campaign/ALDcpcP.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html
content-length: 1678
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:595C_5E174004:0050_6317016A_119F:5369
x-iplb-instance: 31947
kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
94.23.64.4200 OK 2.2 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1253)
Hash 46017110db1a939b653292f227edc4f1
70206f050d7a11d4fdd94c8321cf5428fd30d490
cd127a67aebef1faabdaeb4bc0013f8fbf58eefc7db1ef164b42c04027f96d72
GET /campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html
content-length: 2177
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:76AC_5E174004:0050_6317016A_3821:2B107
x-iplb-instance: 31974
kroffers.it/campaign/LexusGammaNLNXSettembreRD.html
94.23.64.4200 OK 6.2 kB URL HTTP/1.1 kroffers.it/campaign/LexusGammaNLNXSettembreRD.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1211)
Hash 2c9128d0acb620231331d2300a89f95f
fab1a73427efc67bd0a3b348a9f3fa1a9cd44741
d13061537fba5a01fe15e8366958015a230c4bcca30d2c463e2f6ed253b20f1b
GET /campaign/LexusGammaNLNXSettembreRD.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html
content-length: 6209
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:DA48_5E174004:0050_6317016A_52A4:F907
x-iplb-instance: 31965
kroffers.it/campaign/300x250NLGammaYairsHybGRSet.jpg
94.23.64.4200 OK 30 kB URL HTTP/1.1 kroffers.it/campaign/300x250NLGammaYairsHybGRSet.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x250, components 3\012- data
Hash e6d9214687e63212652df8df41575846
d8cdb3be9062fdb29887edd56de66bb1d233158f
8721829a481aa66bf9ca9f6815b6b8c7be4950c10d192419c905619823a4c5c8
GET /campaign/300x250NLGammaYairsHybGRSet.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/ToyotaGammaNLSettYarisHybGR.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 30359
server: Apache
last-modified: Fri, 02 Sep 2022 12:35:41 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:5F5E_5E174004:0050_6317016A_200D:2B106
x-iplb-instance: 31974
kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_Logo_01.jpg
94.23.64.4200 OK 8.2 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_Logo_01.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x132, components 3\012- data
Hash e527afb19dba63dac34ec517a9418658
0e930f59c9780bce9cd3748111659572deaeb60c
6dc4b8b07c5ee280aedab45af8f58832d1aa403d5ba65571008eb2d970a9e82d
GET /campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_Logo_01.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 8201
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:19 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:DA48_5E174004:0050_6317016A_52A5:F907
x-iplb-instance: 31965
kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_Logo_02.jpg
94.23.64.4200 OK 2.1 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_Logo_02.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x132, components 3\012- data
Hash ca7b953b7de7e45eabe3ef7b3f0930dc
243b3ecb41ed956011295eefa864078fc220cfee
c95576776676e1eaf9e5b70e34b7553280e5bfa06e5822ccff7b556e9edd1dec
GET /campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_Logo_02.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 2065
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:19 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:76AC_5E174004:0050_6317016A_3822:2B107
x-iplb-instance: 31974
kroffers.it/campaign/eBayPromoPeAcpcRD/Header_D_1200_03.jpg
94.23.64.4200 OK 33 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/Header_D_1200_03.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 270x600, components 3\012- data
Hash 28547f9539646b7cf2c9c86acfeb94aa
4af0ff2af9ea5bbb765a1020f5f6d68950071558
248a46e1272d20706600cd4009f89d42d51f9d8587c6d063872ffe5733d4fcb5
GET /campaign/eBayPromoPeAcpcRD/Header_D_1200_03.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 33335
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:17 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:5F5E_5E174004:0050_6317016A_200E:2B106
x-iplb-instance: 31974
rdl.altervista.org/wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html
136.243.138.245200 OK 3.8 kB URL HTTP/1.1 rdl.altervista.org/wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html
IP 136.243.138.245:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1344)
Hash ac080dde540652cab6528777dda1364d
182dc5a8e278272e6a6b4d701788bb605350e98d
2accefcc13747b333f4d572f95c499e376df218a61ab33f2197c21f0acc77972
GET /wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html HTTP/1.1
Host: rdl.altervista.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 08:14:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 10:11:33 GMT
ETag: "456b-5e7aef45d8f2b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3786
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html
kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_DownloadAPP_GooglePlay.png
94.23.64.4200 OK 5.1 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_DownloadAPP_GooglePlay.png
IP 94.23.64.4:0
File type PNG image data, 224 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash aafc5d27ddfee384f15129d716726cc7
9800ca4d2d1c8b2ae0957f141b89bf0277e467e5
0520163be2bd936ada473c72ecbf67a39b62d1133836ee8931353f9910d3fdd5
GET /campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_DownloadAPP_GooglePlay.png HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/png
content-length: 5114
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:19 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:DA48_5E174004:0050_6317016A_52AA:F907
x-iplb-instance: 31965
kroffers.it/campaign/eBayPromoPeAcpcRD/Header_D_1200_01.jpg
94.23.64.4200 OK 34 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/Header_D_1200_01.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 330x600, components 3\012- data
Hash 1c3e30864bf77f18699893a581202416
71621abeab614566b0fd0cf3150de45f77de5f66
a04ea5e8d951d682dcd092b23abe9a08b4d1f281cd87945f2ba21d2b1248c3a1
GET /campaign/eBayPromoPeAcpcRD/Header_D_1200_01.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 33878
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:16 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:595C_5E174004:0050_6317016A_11A0:5369
x-iplb-instance: 31947
kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_DownloadAPP_Apple.png
94.23.64.4200 OK 3.3 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_DownloadAPP_Apple.png
IP 94.23.64.4:0
File type PNG image data, 224 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash c4fadcd657348ea1fa6a86917a147616
f146f897892695f8e943dc117117d7763934cc0c
1107c929a5c91510cb8c5097fa376cc1f473d89aeb214dabfe25c931d05fce35
GET /campaign/eBayPromoPeAcpcRD/0_DEM_Refine_PandA_DownloadAPP_Apple.png HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/png
content-length: 3347
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:19 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:76AC_5E174004:0050_6317016A_3828:2B107
x-iplb-instance: 31974
kroffers.it/campaign/eBayPromoPeAcpcRD/spacer.gif
94.23.64.4200 OK 43 B URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/spacer.gif
IP 94.23.64.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /campaign/eBayPromoPeAcpcRD/spacer.gif HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/gif
content-length: 43
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:17 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:5F5E_5E174004:0050_6317016A_2013:2B106
x-iplb-instance: 31974
href.li/?http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
192.0.78.27200 OK 310 B URL HTTP/2 href.li/?http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e1e4758c1708ee693468e6a39bf773c5
616ddcab41b7e90bc7c971f45c1ad708a0cdb422
06707225ddf6260c69a624724632ececf1ad36185b4ae3f662bbc43f44030f98
GET /?http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
kroffers.it/campaign/FCAMoparRD/loghi.png
94.23.64.4200 OK 13 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/loghi.png
IP 94.23.64.4:0
File type PNG image data, 220 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 46f0a844771f025914425ebb2019d8d6
1cdf2127b3c1090ea68ca94f296e44f6f0977dd3
fb48c2e3e285f97d0383c8d5886864781a0c1f754ebddada97b19f54f430a5e3
GET /campaign/FCAMoparRD/loghi.png HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/png
content-length: 13323
server: Apache
last-modified: Tue, 30 Aug 2022 13:44:25 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:DA48_5E174004:0050_6317016A_52AD:F907
x-iplb-instance: 31965
kroffers.it/campaign/FCAMoparRD/alfa.jpg
94.23.64.4200 OK 2.8 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/alfa.jpg
IP 94.23.64.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x47, components 3\012- data
Hash fd57e839bfb48e48fb3ce2a0b7f29a58
f2111721b0ed75074d7cfec225f9c35486fa09d1
72d6086fd1836f6d8006ead2803cf7a0139b3ab361ef58c24fe27f0bedfde243
GET /campaign/FCAMoparRD/alfa.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 2752
server: Apache
last-modified: Tue, 30 Aug 2022 13:44:26 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:76AC_5E174004:0050_6317016A_382D:2B107
x-iplb-instance: 31974
kroffers.it/campaign/FCAMoparRD/fiat.jpg
94.23.64.4200 OK 1.1 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/fiat.jpg
IP 94.23.64.4:0
File type JPEG image data, baseline, precision 8, 50x47, components 3\012- data
Hash 748b23319bbc84d807499402cb414500
6cf5a32c7375c86be9ff103198d85b577afb0c55
d41cde338632209f2490e889fc20160412005d114b1607bec0871331a0b95356
GET /campaign/FCAMoparRD/fiat.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 1078
server: Apache
last-modified: Tue, 30 Aug 2022 13:44:25 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:5F5E_5E174004:0050_6317016A_2014:2B106
x-iplb-instance: 31974
kroffers.it/campaign/eBayPromoPeAcpcRD/img/Header_D_600.jpg
94.23.64.4404 Not Found 196 B URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/img/Header_D_600.jpg
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /campaign/eBayPromoPeAcpcRD/img/Header_D_600.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 404 Not Found
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
server: Apache
x-iplb-request-id: 5B5A2A9A:921C_5E174004:0050_6317016A_8EEC:33D0
x-iplb-instance: 31956
kroffers.it/campaign/eBayPromoPeAcpcRD/Header_D_1200_02.jpg
94.23.64.4200 OK 121 kB URL HTTP/1.1 kroffers.it/campaign/eBayPromoPeAcpcRD/Header_D_1200_02.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x600, components 3\012- data
Size 121 kB (120998 bytes)
Hash 8d6d7a47221b4e63b468c1e5a065220b
cca222c32d18d32c1b36ab140100de8452a0ec55
2bd693bcdad2c2ab5b40aafcd4664032bf2b96fc30947480d99ccf34d473698f
GET /campaign/eBayPromoPeAcpcRD/Header_D_1200_02.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 120998
server: Apache
last-modified: Thu, 01 Sep 2022 07:26:17 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:F2BD_5E174004:0050_6317016A_4061:19DAE
x-iplb-instance: 32001
kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/Toyota_gamma_Dem_CP-01668667_Settembre_2022___2_Krumbo_Marketing_LTD-Krumbo_Marketing.html
94.23.64.4200 OK 567 B URL HTTP/1.1 kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/Toyota_gamma_Dem_CP-01668667_Settembre_2022___2_Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 94.23.64.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (314)
Hash 452ae92551471b5fbca03dbaa1e4f57d
94dfadaa99120abb3024e3fc57a2b4d2e4617fa9
a64cb7a1d7b1342cf1841e7321f3eae022038df5d518fc51bc0969eaf13cf2a7
GET /campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/Toyota_gamma_Dem_CP-01668667_Settembre_2022___2_Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html
content-length: 567
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:76AC_5E174004:0050_6317016A_3830:2B107
x-iplb-instance: 31974
kroffers.it/campaign/FCAMoparRD/visual.jpg
94.23.64.4200 OK 236 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/visual.jpg
IP 94.23.64.4:0
File type PNG image data, 550 x 230, 8-bit/color RGBA, non-interlaced\012- data
Size 236 kB (235464 bytes)
Hash 23a8fffdd6d342d9afe11e1b198920bc
22228512ba1b230a785e2e2f17bcc4bc9c24f8d5
bac377ddc6c30ceb20a78863a19656f3e3cc09c9f60718edc385edbe71b4b316
GET /campaign/FCAMoparRD/visual.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 235464
server: Apache
last-modified: Tue, 30 Aug 2022 13:44:26 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:595C_5E174004:0050_6317016A_11A1:5369
x-iplb-instance: 31947
kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/DEM_550x700.jpg
94.23.64.4200 OK 119 kB URL HTTP/1.1 kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/DEM_550x700.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 550x700, components 3\012- data
Size 119 kB (119185 bytes)
Hash 598fa28f20279f75e00a3529ee2135a9
bfab2240fa9e8199afec47c223d35d174277d7b6
7f7335501e8101d5751c4c0baa6a27a6dbf11a160e3f4015cc05b54f3a6191ba
GET /campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/DEM_550x700.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/Toyota_gamma_Dem_CP-01668667_Settembre_2022___2_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 119185
server: Apache
last-modified: Mon, 05 Sep 2022 07:39:56 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:595C_5E174004:0050_6317016A_11A2:5369
x-iplb-instance: 31947
blogdilifestyle.it/wp-content/uploads/2022/05/fabrizio-corona-ansa.jpg
104.21.16.114200 OK 50 kB URL HTTP/2 blogdilifestyle.it/wp-content/uploads/2022/05/fabrizio-corona-ansa.jpg
IP 104.21.16.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 738x462, components 3\012- data
Hash 782af46bbaafa6d2362bedf151a00409
689c8366b6baf8a95415a8bef1c864bee6abb7d7
347ad349cb427bfcce744184f8e08b2dadc9ee294acd090d00e03b1da778669e
GET /wp-content/uploads/2022/05/fabrizio-corona-ansa.jpg HTTP/1.1
Host: blogdilifestyle.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 50003
last-modified: Mon, 02 May 2022 08:17:43 GMT
etag: "626f93a7-c353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTKaqjpQDb2tjwLc8mMZyWS7GC81RisVBMlYquN6nJU9DLaJHW4tRc24JogUlmwaCtarVhPa5McU61hFmt80Yerj5UfFcT7qtYGInmcl0fwGc%2F2kDGdN1nI6GSCX2jfDldpvr%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7465c079dd28b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kroffers.it/campaign/FCAMoparRD/jeep.jpg
94.23.64.4200 OK 1.8 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/jeep.jpg
IP 94.23.64.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 78x41, components 3\012- data
Hash da84ed8f908ca9abb9648062fc31a158
ff0f9739b000d8bc6f64d944a1fbe12d5865deb5
0bd307d32b0c6a17a6b4b0f0b469c43107de102125d0e21bafe4a453abac2ee6
GET /campaign/FCAMoparRD/jeep.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 1785
server: Apache
last-modified: Tue, 30 Aug 2022 13:44:25 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:F2BD_5E174004:0050_6317016A_407C:19DAE
x-iplb-instance: 32001
kroffers.it/campaign/FCAMoparRD/lancia.jpg
94.23.64.4200 OK 1.2 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/lancia.jpg
IP 94.23.64.4:0
File type JPEG image data, baseline, precision 8, 49x48, components 3\012- data
Hash e1a9ccaf149ef02a92644af0be87dac1
3bc75530996282866e7cc474dba3ac8977d7ce0f
4d836f0807ba56e1f44e20d15233443857c18cd70641b044aeb297eacf832b49
GET /campaign/FCAMoparRD/lancia.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 1163
server: Apache
last-modified: Tue, 30 Aug 2022 13:44:25 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:921C_5E174004:0050_6317016A_8EEF:33D0
x-iplb-instance: 31956
href.li/?http://kroffers.it/campaign/ToyotaGammaNLSettYarisHybGR.html
192.0.78.27200 OK 221 kB URL HTTP/2 href.li/?http://kroffers.it/campaign/ToyotaGammaNLSettYarisHybGR.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 221 kB (221291 bytes)
Hash e24a91a5737f9f949fd3a62e7f47ad97
3ed15e9782c8fdb6bd4647a67a30fecdc9490fa4
c763304f885997e450a9938b32efd80068b910a3940c18f927a9f5763306810d
GET /?http://kroffers.it/campaign/ToyotaGammaNLSettYarisHybGR.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
kroffers.it/campaign/FCAMoparRD/logo_selenia.png
94.23.64.4200 OK 1.9 kB URL HTTP/1.1 kroffers.it/campaign/FCAMoparRD/logo_selenia.png
IP 94.23.64.4:0
File type PNG image data, 83 x 46, 8-bit colormap, non-interlaced\012- data
Hash 32bdb14c978aae687b66cc6d73fe719a
b1e5542c0c614c58cb7b128ccb14408ca0bf4bfd
ddf83e06e6cbd84ac7580c5e5b09d9ffa412f94117f0cf1fda58a5caeb312179
GET /campaign/FCAMoparRD/logo_selenia.png HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/png
content-length: 1868
server: Apache
last-modified: Tue, 30 Aug 2022 13:44:25 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:595C_5E174004:0050_6317016A_11A3:5369
x-iplb-instance: 31947
blogdilifestyle.it/wp-content/uploads/2022/02/vanessa-incontrada-e-laurini.jpg
104.21.16.114200 OK 46 kB URL HTTP/2 blogdilifestyle.it/wp-content/uploads/2022/02/vanessa-incontrada-e-laurini.jpg
IP 104.21.16.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Hash b2a94ec922f96f74a8e79b0e73f0a4fa
cb169c00dd22e7f5a7100dbc5206f65f08209d9f
25b4ed48b01d5523a4269d4590a0e7021635b262db658b313f4c0d7f2bdefd85
GET /wp-content/uploads/2022/02/vanessa-incontrada-e-laurini.jpg HTTP/1.1
Host: blogdilifestyle.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 45629
last-modified: Tue, 08 Feb 2022 09:33:25 GMT
etag: "620238e5-b23d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTdzdnOSTKUqiqAgC6AllyjdmVx%2F8FdSapTyU8yUuOvJNRHDjGhU48V9XuP28oWu%2BJXaPhH5O0qzfjEDMw%2FAvZY1aa7rxLBi%2BQT78R2ML7hLSu7C6d1%2FnIUm1GqtXOnaDv%2BH%2B8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7465c079dd3bb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blogdilifestyle.it/wp-content/uploads/2022/02/vladimir-luxuria-e-mahmood.jpg
104.21.16.114200 OK 55 kB URL HTTP/2 blogdilifestyle.it/wp-content/uploads/2022/02/vladimir-luxuria-e-mahmood.jpg
IP 104.21.16.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 638x425, components 3\012- data
Hash 60196475cdc8702d6b0f4705190fa6e0
16afebcb512fc1ce60dc461f052d57d10794c271
5cc3cc5ccfe7faef211e1a6773f4f03796ed71b8e5d56ca0c286d9308035f474
GET /wp-content/uploads/2022/02/vladimir-luxuria-e-mahmood.jpg HTTP/1.1
Host: blogdilifestyle.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 54765
last-modified: Wed, 09 Feb 2022 08:57:04 GMT
etag: "620381e0-d5ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnbupRgqleYn0%2FRkrwY%2F3L2ghyCotaDY5u4EUCw3GrqxN8ODCY99DKXB8dJoA%2FtGP1f5JTIqoirh7Sm2%2BsHG%2BMkC3tFl8ka%2BgfLPWDbUBE%2FAscMdBwL%2BiuTx1l3EMXgkPL8HrPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7465c07a4ddcb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.romanzidaleggere.com/
89.46.107.22200 OK 16 kB URL HTTP/1.1 www.romanzidaleggere.com/
IP 89.46.107.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (4886), with CRLF, LF line terminators
Hash da41982657a6ea6d7486a2287aa56120
7c72a1f33d10bf00fa87a3c937b12acc96ae7cfa
eef6b3dcc42d7f8e1e3a0ccd0e814a883c31f494374ee78149bc307d96dc704c
GET / HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <http://www.romanzidaleggere.com/wp-json/>; rel="https://api.w.org/"
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
blogdilifestyle.it/wp-content/uploads/2022/02/1153668946.jpg
104.21.16.114200 OK 52 kB URL HTTP/2 blogdilifestyle.it/wp-content/uploads/2022/02/1153668946.jpg
IP 104.21.16.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 831x467, components 3\012- data
Hash 8963aec14e4e7c53347e683db20ef6f8
2a8d4d05bc3330de86599a373084318c99d45c67
44785e8f4139e6bb8bee614ec19458ec954154e6cf7990a982ad92ab94926e61
GET /wp-content/uploads/2022/02/1153668946.jpg HTTP/1.1
Host: blogdilifestyle.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 52219
last-modified: Mon, 07 Feb 2022 09:38:37 GMT
etag: "6200e89d-cbfb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggrVTTAv%2F8AovpKNJz30u3j51kt3kVQcBhjcmfw8d7iNNsl7acXNuW%2FQIW9UnLw4xkmUpog21ymB15K4hzB37tXlMY1VUFysV4nIGSdHFQCGmUaJKGdCbLr1Zy%2FUGsjTGjOUuZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7465c079dd34b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blogdilifestyle.it/wp-content/uploads/2022/02/chi_e_eva_grimaldi-1639657302757.jpg-chi_e_eva_grimaldi__nuova_concorrente_gf_vip___eta__instagram__ex_marito__e_il_matrimonio_con_imma_battaglia.jpg
104.21.16.114200 OK 87 kB URL HTTP/2 blogdilifestyle.it/wp-content/uploads/2022/02/chi_e_eva_grimaldi-1639657302757.jpg-chi_e_eva_grimaldi__nuova_concorrente_gf_vip___eta__instagram__ex_marito__e_il_matrimonio_con_imma_battaglia.jpg
IP 104.21.16.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x720, components 3\012- data
Hash 6665c75ed42fcb3eb09b1f4cdc950bbc
8386ccf067ed8b43acdb0917da1513a5fe0d2954
aab44caa9eb4b1714a44e8804db4ba66c107f000565e29a91d3675732ff1f40b
GET /wp-content/uploads/2022/02/chi_e_eva_grimaldi-1639657302757.jpg-chi_e_eva_grimaldi__nuova_concorrente_gf_vip___eta__instagram__ex_marito__e_il_matrimonio_con_imma_battaglia.jpg HTTP/1.1
Host: blogdilifestyle.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 87317
last-modified: Mon, 07 Feb 2022 14:48:49 GMT
etag: "62013151-15515"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHORZh%2BcI4sFnSsmpi3eXjtXe3Di0R0mBU7y1SokKh9g4SdzQfnwbrlzc%2FfouiDYUEvoUO0EZL8YZ9FSXR29gpGxGobihI30WG8ugJ%2FqZ76V6tlSy7TgRoWRTI%2FdCOevc3tnYGc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7465c079dd38b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kroffers.it/campaign/300x250LexusNXNLSET.jpg
94.23.64.4200 OK 50 kB URL HTTP/1.1 kroffers.it/campaign/300x250LexusNXNLSET.jpg
IP 94.23.64.4:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash 484bc8293609c16644b1298dee1ffa2b
717a9142fe7e449375b544039ab484e921f1795f
01b24b30f9b3c5315010dd91adf4dc2fb1252cce12dd3d89084bbbb6868cf39d
GET /campaign/300x250LexusNXNLSET.jpg HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/LexusGammaNLNXSettembreRD.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/jpeg
content-length: 50445
server: Apache
last-modified: Thu, 01 Sep 2022 09:07:24 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:921C_5E174004:0050_6317016A_8EF7:33D0
x-iplb-instance: 31956
kroffers.it/net/adx/scripts/imp.php?a_aid=577a62585dd08&a_bid=e398f587
94.23.64.4200 OK 42 B URL HTTP/1.1 kroffers.it/net/adx/scripts/imp.php?a_aid=577a62585dd08&a_bid=e398f587
IP 94.23.64.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /net/adx/scripts/imp.php?a_aid=577a62585dd08&a_bid=e398f587 HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/FCAMoparRD/Fca_Mopar_CPL_Settembre_2022_Krumbo_Marketing_LTD-Krumbo_Marketing.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/gif
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/5.6
set-cookie: PAPCookie_Imp_e398f587=pap; expires=Sun, 05-Sep-2032 18:22:14 GMT; Max-Age=315569260
cache-control: private, no-cache, no-store, max-age=0, max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:F2BD_5E174004:0050_6317016A_409C:19DAE
x-iplb-instance: 32001
www.romanzidaleggere.com/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.19
89.46.107.22200 OK 386 B URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.19
IP 89.46.107.22:0
Hash f81083f8615ce3f8fd0193eb95947911
867f03b23c75557f91741cb9d2e8edff2bf541e8
683536b77a84ac0a90ee6915851b41b383e6245e319acfa8df3d20ab7c99e048
GET /wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.19 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:40:02 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700
142.250.74.10200 OK 304 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700
IP 142.250.74.10:0
Hash 37bd97ab5d600328cee799bbc856e70f
b81303809a55a104a709773e53737aedcaec1f44
37d6bf70e3ca3db4fc2d0ce9c7f364c91fdf3d8a5ff2bb17d5d7a94d3b63e64e
GET /css?family=Droid+Sans%3A400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 06 Sep 2022 08:14:34 GMT
Date: Tue, 06 Sep 2022 08:14:34 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
href.li/?http://rdl.altervista.org/wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html
192.0.78.27200 OK 303 B URL HTTP/2 href.li/?http://rdl.altervista.org/wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7c5ecf4a568be3547b6ac62dfb6de1ca
1fb38c49e75b6a89e9dc1a80a08d69409d33fafa
450fb86c43709505510a09bad46a8423be8879c825fd18527467dea31e32d665
GET /?http://rdl.altervista.org/wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
kroffers.it/net/adx/scripts/imp.php?a_aid=577a62585dd08&a_bid=2ed03752
94.23.64.4200 OK 42 B URL HTTP/1.1 kroffers.it/net/adx/scripts/imp.php?a_aid=577a62585dd08&a_bid=2ed03752
IP 94.23.64.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /net/adx/scripts/imp.php?a_aid=577a62585dd08&a_bid=2ed03752 HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kroffers.it/campaign/LexusGammaNLNXSettembreRD.html
HTTP/1.1 200 OK
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: image/gif
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/5.6
set-cookie: PAPCookie_Imp_2ed03752=pap; expires=Sun, 05-Sep-2032 18:22:14 GMT; Max-Age=315569260
cache-control: private, no-cache, no-store, max-age=0, max-age=900
expires: Tue, 06 Sep 2022 08:29:34 GMT
x-iplb-request-id: 5B5A2A9A:595C_5E174004:0050_6317016A_11A5:5369
x-iplb-instance: 31947
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa889946ae11954d1eb0b0b3f1ee556f
e3487c674e2c3aef6e626abda623a2968315086a
8920e228b477934ec30102f8a9928866b814ab054e2dc04aabdcbcb74c199da4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8920E228B477934EC30102F8A9928866B814AB054E2DC04AABDCBCB74C199DA4"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Tue, 06 Sep 2022 12:03:55 GMT
Date: Tue, 06 Sep 2022 08:14:35 GMT
Connection: keep-alive
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/css/font-awesome.css?ver=4.3.8
89.46.107.22200 OK 5.8 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/css/font-awesome.css?ver=4.3.8
IP 89.46.107.22:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash f915f52831cd897bc7432f74b55d2268
52e12b0d30e6e40cfed73aae28e445c73160f148
5f7f26816d17a5b643ec9b243b97194463ef06ed9dfe4f96d0cdfc932d280c0b
GET /wp-content/plugins/easy-facebook-likebox/public/assets/css/font-awesome.css?ver=4.3.8 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/css/yasr.css
89.46.107.22200 OK 1.7 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/css/yasr.css
IP 89.46.107.22:0
Hash 0586d9d1cb612559962ca4dfcf7dca4c
c7882f88dc00803cad49899d7a219fbc6dbbbe16
4f22691fff646f5ed8ef21f266f4507fea23ac8e4af783a9e80c0db7eb8f3874
GET /wp-content/plugins/yet-another-stars-rating/css/yasr.css HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:40:02 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
href.li/?http://kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/Toyota_gamma_Dem_CP-01668667_Settembre_2022___2_Krumbo_Marketing_LTD-Krumbo_Marketing.html
192.0.78.27200 OK 8.5 kB URL HTTP/2 href.li/?http://kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/Toyota_gamma_Dem_CP-01668667_Settembre_2022___2_Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (431)
Hash f4ccd08731a8ffafed147e3f37de3595
9c4995e0116a0250b37bd5f5e97483c65867d595
71f5702fc5f04ec300d8da71af3275919c40eeafd3d311f02865e15ec710ec05
GET /?http://kroffers.it/campaign/Toyota%20gamma%20Dem%20CP-01668667%20Settembre%202022%20_2_aygoxRD/Toyota_gamma_Dem_CP-01668667_Settembre_2022___2_Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/css/animate.css?ver=4.3.8
89.46.107.22200 OK 4.7 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/css/animate.css?ver=4.3.8
IP 89.46.107.22:0
Hash f6358f362ddb29273d1c6ed80130555e
cacb829a636f6fa235a84abaa988289336c66be1
1602ef850341a2540df48702f5c96a2f2d16512be18ad4d57286ddbd025218f4
GET /wp-content/plugins/easy-facebook-likebox/public/assets/css/animate.css?ver=4.3.8 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/popup/magnific-popup.css?ver=4.3.8
89.46.107.22200 OK 2.0 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/popup/magnific-popup.css?ver=4.3.8
IP 89.46.107.22:0
Hash 66ec78853c88b9ffe3fee09fdc67bbfc
fc9764718bac8d002e84c754688c687a0c75e255
39bae00d876e9646717cde0be628246409c59a5f400e870f6f056ed27807ea8d
GET /wp-content/plugins/easy-facebook-likebox/public/assets/popup/magnific-popup.css?ver=4.3.8 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/css/public.css?ver=4.3.8
89.46.107.22200 OK 2.6 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/css/public.css?ver=4.3.8
IP 89.46.107.22:0
Hash 37979271fd6ac605634e0fa8df4ee2fc
433bdc851a3ebfbbad09fb3fc12b989323111acb
c87a5cd9b82859a917a74c2b51578c9f673120f2c6a248fa465ab907b51dfe26
GET /wp-content/plugins/easy-facebook-likebox/public/assets/css/public.css?ver=4.3.8 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
href.li/?http://kroffers.it/campaign/LexusGammaNLNXSettembreRD.html
192.0.78.27200 OK 274 B URL HTTP/2 href.li/?http://kroffers.it/campaign/LexusGammaNLNXSettembreRD.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a302bcb9a941b57901dc657b9dcf896b
76e775edf78e02c0e8cf0835bebf140f52862e09
96e3ec0a3282394e0d3aafb2a40d894bce0361d66f214f8f3371753321df7ebe
GET /?http://kroffers.it/campaign/LexusGammaNLNXSettembreRD.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
www.romanzidaleggere.com/wp-includes/css/dashicons.min.css?ver=4.9.19
89.46.107.22200 OK 29 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/css/dashicons.min.css?ver=4.9.19
IP 89.46.107.22:0
File type ASCII text, with very long lines (46325)
Hash 6efa9bccff3520915a1ea091bb39870c
b2d80779d5e1e9ff6d9caa208f65b765cf951c74
0cbf6909406e99fc6611349c9ade0fdfcd3861e0996108e4b98d161722a72040
GET /wp-includes/css/dashicons.min.css?ver=4.9.19 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:23 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/themes/point/style.css?ver=4.9.19
89.46.107.22200 OK 12 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/themes/point/style.css?ver=4.9.19
IP 89.46.107.22:0
File type Unicode text, UTF-8 text, with very long lines (1248)
Hash 317b44b0a7d9b5c154c9c7f2ec916ec4
f8d7bf80cccab17644b8dff64a2b00f4a2374ca1
0462783570419bd0cefe820747808757715b9388b2a46051003c91174cbdf09f
GET /wp-content/themes/point/style.css?ver=4.9.19 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:40:14 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/css/yasr-table-light.css
89.46.107.22200 OK 385 B URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/css/yasr-table-light.css
IP 89.46.107.22:0
Hash 1d0652f994d1b77dae433feda66d4e57
4b05c9a2f0c89a4fb47613cafa2196f11ac4e2b0
52d54160d7f5caf6f3bbc53083a8452a151f8d934f0ebc9bec3aaba59116255b
GET /wp-content/plugins/yet-another-stars-rating/css/yasr-table-light.css HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:40:02 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.7.1
89.46.107.22200 OK 8.2 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.7.1
IP 89.46.107.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5ca936a88c39388ad9eaabf276ed7ea2
195c4b74d463de28eaabeb88d6844c6dff0676ed
07ee55c8cf59b3eb89d0cb7035376eb6622e9d91881873f504de47c7febb1200
GET /wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.7.1 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.3
89.46.107.22200 OK 2.8 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.3
IP 89.46.107.22:0
File type ASCII text, with very long lines (1022)
Hash f7c16a1ce37aeea92914cc84c8647447
14c30d8259b09529857082ed151754a545bbfda3
41509c25d530a06cb242c6a3499c6cafd4dc38731d9882430d66f4cddea0211e
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.3 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:46 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
89.46.107.22200 OK 4.0 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 89.46.107.22:0
File type ASCII text, with very long lines (9959)
Hash c3b3a5268f141e34b6cd4cfb63a64bc3
adcb27303f4527ec3bd64feaff9c2b824e544e13
ef681842dd14bdf46f5b38f181e450bc6af20193500257b4eee065f5dec0c7ab
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:24 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ff7cce2b07e02ea7445566cfdda02bb1
e3f7584a203ade51f747de4a46bc5e4c99e2b377
ca9c4f9fcf37261a310b8bc70f13d6fa2daf348b90cbb46bae566fd837f75121
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CA9C4F9FCF37261A310B8BC70F13D6FA2DAF348B90CBB46BAE566FD837F75121"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3599
Expires: Tue, 06 Sep 2022 09:14:34 GMT
Date: Tue, 06 Sep 2022 08:14:35 GMT
Connection: keep-alive
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/js/jquery.cookie.js?ver=4.3.8
89.46.107.22200 OK 1.4 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/js/jquery.cookie.js?ver=4.3.8
IP 89.46.107.22:0
Hash 71cee6f859ca573c06c376e5ad3cd9fe
92defeef63ab15263a06b357326576d3441e60ce
1568782488cf5cd7416b6a1bbd5afce7d94e5d188cde9223ba6f70aacfe97673
GET /wp-content/plugins/easy-facebook-likebox/public/assets/js/jquery.cookie.js?ver=4.3.8 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/popup/jquery.magnific-popup.min.js?ver=4.3.8
89.46.107.22200 OK 7.7 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/popup/jquery.magnific-popup.min.js?ver=4.3.8
IP 89.46.107.22:0
File type ASCII text, with very long lines (20965)
Hash 1eb650956c577d1246215094becd997b
8813678f1211cadd9f13691904fa5f218bf47986
466740b55edeb9097f174624b185272d8559a1b7570030ad13e30ea1e6814539
GET /wp-content/plugins/easy-facebook-likebox/public/assets/popup/jquery.magnific-popup.min.js?ver=4.3.8 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/js/public.js?ver=4.3.8
89.46.107.22200 OK 1.7 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/js/public.js?ver=4.3.8
IP 89.46.107.22:0
Hash c6c83e395074c1f16eaeca8940888375
a8985f06b2ab47be4f35cefd9ef521b795751289
d1253692b2d73a08db727817e4a80a6fe029b053c9ffd5f24499f57a85412a46
GET /wp-content/plugins/easy-facebook-likebox/public/assets/js/public.js?ver=4.3.8 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/js/jquery.rateit.min.js?ver=1.0.22
89.46.107.22200 OK 2.6 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/js/jquery.rateit.min.js?ver=1.0.22
IP 89.46.107.22:0
File type Unicode text, UTF-8 text, with very long lines (7211)
Hash 04f37fc16cd34580a6912699beaec659
901363e73ba507949c606756a82b32a9a001d255
13eaeaeeb9505d8188c027e4f313ba9b5be4e46bd8d6aafdd57e5844967f6ccf
GET /wp-content/plugins/yet-another-stars-rating/js/jquery.rateit.min.js?ver=1.0.22 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:40:04 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
89.46.107.22200 OK 34 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 89.46.107.22:0
File type ASCII text, with very long lines (31997)
Hash 52337c64ba22a8dc64cd0c15ffa5f040
f22ea974e10e43f68833d7d020e370378fafe69c
6818a20d51cd8dfc2c3473f33d9822466b3d4eb898706ed3899fece665237be4
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:25 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ff7cce2b07e02ea7445566cfdda02bb1
e3f7584a203ade51f747de4a46bc5e4c99e2b377
ca9c4f9fcf37261a310b8bc70f13d6fa2daf348b90cbb46bae566fd837f75121
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CA9C4F9FCF37261A310B8BC70F13D6FA2DAF348B90CBB46BAE566FD837F75121"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 06 Sep 2022 09:14:35 GMT
Date: Tue, 06 Sep 2022 08:14:35 GMT
Connection: keep-alive
www.romanzidaleggere.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
89.46.107.22200 OK 1.8 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 89.46.107.22:0
File type ASCII text, with very long lines (3704)
Hash 8681c8c59fe450daeacc2f499e351dfe
1bedefb4c8fa62628816eaeea85677d637a6e4e0
d2160a6f66510d16512fd1fd387aee7d3763f0b4799273125faa777128dc5430
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:25 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ff7cce2b07e02ea7445566cfdda02bb1
e3f7584a203ade51f747de4a46bc5e4c99e2b377
ca9c4f9fcf37261a310b8bc70f13d6fa2daf348b90cbb46bae566fd837f75121
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CA9C4F9FCF37261A310B8BC70F13D6FA2DAF348B90CBB46BAE566FD837F75121"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3598
Expires: Tue, 06 Sep 2022 09:14:33 GMT
Date: Tue, 06 Sep 2022 08:14:35 GMT
Connection: keep-alive
rdl.altervista.org/wp-content/Newsletter/fonts/BMWTypeNextTT-Regular.woff2
136.243.138.245404 Not Found 37 kB URL HTTP/1.1 rdl.altervista.org/wp-content/Newsletter/fonts/BMWTypeNextTT-Regular.woff2
IP 136.243.138.245:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047)
Hash ccf712877038c784204f76fef0d0b930
b471470975ea8987e022292cafc3872414e52670
fb36027c4b71e52531c54832107fb546c17d68052f44c4748d04e706b72c861a
GET /wp-content/Newsletter/fonts/BMWTypeNextTT-Regular.woff2 HTTP/1.1
Host: rdl.altervista.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rdl.altervista.org/wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 08:14:34 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://rdl.altervista.org/wp-json/>; rel="https://api.w.org/", <//cdn.iubenda.com/cs/versions/iubenda_cs-1.35.3.js>; rel=preload; as=script; nopush, <//cdn.iubenda.com/cookie_solution/iubenda_cs/1.35.3/core-it.js>; rel=preload; as=script; nopush, <//cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.14.1.js>; rel=preload; as=script; nopush, <//www.iubenda.com/cookie-solution/confs/js/61281997.js>; rel=preload; as=script; nopush
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ff7cce2b07e02ea7445566cfdda02bb1
e3f7584a203ade51f747de4a46bc5e4c99e2b377
ca9c4f9fcf37261a310b8bc70f13d6fa2daf348b90cbb46bae566fd837f75121
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CA9C4F9FCF37261A310B8BC70F13D6FA2DAF348B90CBB46BAE566FD837F75121"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3586
Expires: Tue, 06 Sep 2022 09:14:21 GMT
Date: Tue, 06 Sep 2022 08:14:35 GMT
Connection: keep-alive
www.romanzidaleggere.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
89.46.107.22200 OK 2.6 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 89.46.107.22:0
File type ASCII text, with very long lines (6608)
Hash 032113ff3be3ace67907b95e16e453b6
4789eff63a3fb735da536d4f29ebd84a9970dc39
ef5b6111e4bfe331ef6241acbc8108ad5b63ff8cac029d40c5b45dd17a68e4e8
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:25 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4
89.46.107.22200 OK 904 B URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4
IP 89.46.107.22:0
File type ASCII text, with very long lines (2241)
Hash c3b5563cf6b6aa0a91672a4dff4f73fb
746d17f82d6beb5af8ee9cf040fee6ff8c748fb1
a180c12e053b35aae2d6cf0967c23c42c3834d02c226b07e7f5b0a2047ddffbc
GET /wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:25 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
89.46.107.22200 OK 2.5 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
IP 89.46.107.22:0
File type ASCII text, with very long lines (6219)
Hash 7e6c4b035242a41e552dc62bba5b558a
920f93a29c2b208a14278e1d64bddc0fbd4848dc
6e0ab022d553dafbc595e08f7800fc5a4eb1922d62964c453624d214c43693ad
GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:25 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4
89.46.107.22200 OK 2.0 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4
IP 89.46.107.22:0
File type ASCII text, with very long lines (5431)
Hash 61c781f394096b2b9e0bbd3161dda3e8
deb4b2b323fdac3d855c6ca0e9f92bcafec80f5d
1fd2feff0fd28c1443d2f2d971c3440dfc926b9fe8350901edeb18bdbb697f85
GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:25 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/js/yasr-front.js?ver=1.0.0
89.46.107.22200 OK 1.9 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/yet-another-stars-rating/js/yasr-front.js?ver=1.0.0
IP 89.46.107.22:0
Hash c08c0269b43e79b586b03cb9459192b5
b9673815f1c6f63335d7bb792be371ca6221df51
8cbd6808af308690320c285132f3969e4fb2f44a876bf36749b3e40fcaa61556
GET /wp-content/plugins/yet-another-stars-rating/js/yasr-front.js?ver=1.0.0 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:40:04 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/themes/point/js/customscripts.js?ver=20120212
89.46.107.22200 OK 1.0 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/themes/point/js/customscripts.js?ver=20120212
IP 89.46.107.22:0
Hash d5f93c8c83960e831a606d5741e9c4f0
46944d8b5ed9b70868bfcbc080c4d7a163b75cf9
5d7e2f8e7668c072985ccf78ed1eae68c5549c6355ce9f6b66f3c325bf6ba5b6
GET /wp-content/themes/point/js/customscripts.js?ver=20120212 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:40:14 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
g-ecx.images-amazon.com/images/G/29/associates/it_logo.png
143.204.46.75200 OK 2.5 kB URL HTTP/1.1 g-ecx.images-amazon.com/images/G/29/associates/it_logo.png
IP 143.204.46.75:0
File type PNG image data, 350 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 82ac5cb4329643ebcc5db5c1a81328b1
513c77513a093e986027bb95c33d99486cc137e0
52148bfa9a56afd53b92277ce87073095d1a64a15bc5849b0165ddef63384847
GET /images/G/29/associates/it_logo.png HTTP/1.1
Host: g-ecx.images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2465
Connection: keep-alive
Server: Server
X-Amz-IR-Id: e9b61ae8-e9a3-42a1-ac9c-7dc1421faf65
Surrogate-key: x-cache-933 /images/G/29/associates/it_logo
Timing-Allow-Origin: https://www.amazon.it
Edge-Cache-Tag: x-cache-933,/images/G/29/associates/it_logo
Access-Control-Allow-Origin: *
Last-Modified: Thu, 21 Feb 2013 15:06:33 GMT
X-Nginx-Cache-Status: EXPIRED
Accept-Ranges: bytes
Date: Tue, 06 Sep 2022 04:23:08 GMT
Expires: Tue, 06 Sep 2022 10:59:13 GMT
Cache-Control: max-age=86400,public
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F3DYL-eSsVybOUEwi5SXGhcOSpWpRmZqq3h6qeHdVq2DboHsf43g2w==
Age: 13887
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 07:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 08:36:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NuOvfvlgmeJAMD0L_FhfrfTWHclCzJoy-Zuk2oYP5GaqecvoxtJRkA==
Age: 2177
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performance.payclick-it.com/ald2022/ALD_footer_IN_190x95.jpg
15.161.168.78200 OK 2.1 kB URL HTTP/2 performance.payclick-it.com/ald2022/ALD_footer_IN_190x95.jpg
IP 15.161.168.78:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x95, components 3\012- data
Hash ac020bc104241f7f6233729d1db13ae2
8c21576b89143ee621b54848d1d7bbcc02340c88
9f7676768ab381af03321d309223e48d484470b795eb3780c9f9e55c079df610
GET /ald2022/ALD_footer_IN_190x95.jpg HTTP/1.1
Host: performance.payclick-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/jpeg
content-length: 2123
last-modified: Thu, 04 Aug 2022 08:53:31 GMT
etag: "62eb890b-84b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.romanzidaleggere.com/wp-includes/js/wp-embed.min.js?ver=4.9.19
89.46.107.22200 OK 739 B URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/wp-embed.min.js?ver=4.9.19
IP 89.46.107.22:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
GET /wp-includes/js/wp-embed.min.js?ver=4.9.19 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:27 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1
89.46.107.22200 OK 2.8 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1
IP 89.46.107.22:0
File type ASCII text, with very long lines (6806)
Hash eee4ece953f68bd0328960e3ee185a42
fcb69d425794695edd170dbbfafe57534200223f
c2c12e975caa1376f51d3d616772d4e05e65d2ed8c5259aeae38cb405cefbc93
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:51 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.19
89.46.107.22200 OK 4.4 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.19
IP 89.46.107.22:0
File type ASCII text, with very long lines (9063)
Hash d003dd2e571097385bde0a605679ae06
de43f1329eaffe6791b8dcf20779550722a6115c
55ac05ff21ebcd3328a22771444f5be265f19998bbf3292072bc17b93adb4bbb
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.19 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:27 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.7.1
89.46.107.22200 OK 14 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.7.1
IP 89.46.107.22:0
File type ASCII text, with very long lines (31925)
Hash 20d4821a55d337c283d856eda6ad5bcc
947e5d42acdfa825dc21d0de5d87e703b890f11a
2295ca546a8342d796cbd387865a0ef20b4ce6c8d24ba99c00596b75073e4272
GET /wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.7.1 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
X-ServerName: ipvsproxy110.ad.aruba.it
Content-Encoding: gzip
www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/images/loader.gif
89.46.107.22200 OK 14 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/easy-facebook-likebox/public/assets/images/loader.gif
IP 89.46.107.22:0
File type GIF image data, version 89a, 240 x 320\012- data
Hash 0a856515df896370b960d69101003b00
206af3b06bfc5cf26e28fbd50e86e081ca407d7b
50f04feafe5e07e69384706c4d004bbec71aa2e183b57bad7fda2d7be5e24e0b
GET /wp-content/plugins/easy-facebook-likebox/public/assets/images/loader.gif HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/gif
Content-Length: 14262
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
performance.payclick-it.com/ald2022/myald_550x159.png
15.161.168.78200 OK 26 kB URL HTTP/2 performance.payclick-it.com/ald2022/myald_550x159.png
IP 15.161.168.78:0
File type PNG image data, 550 x 159, 8-bit/color RGBA, non-interlaced\012- data
Hash d4c717bbf1bd006eb7d653d3b6ad90bb
e526f629c29354031056414f91a64bb7a00f6118
605a7bb5ec34c1055f42c6bc33d8d8d554b54b9d255803bbd1ae836d2f9b8727
GET /ald2022/myald_550x159.png HTTP/1.1
Host: performance.payclick-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/png
content-length: 26443
last-modified: Thu, 04 Aug 2022 08:53:32 GMT
etag: "62eb890c-674b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-SemiBold-WebS.woff2
151.101.86.206200 OK 22 kB URL HTTP/2 ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-SemiBold-WebS.woff2
IP 151.101.86.206:0
File type Web Open Font Format (Version 2), TrueType, length 22440, version 1.0\012- data
Hash 7d3b042e6f30a873d2a8e3a2cb8d8575
16650249a31778574d06587c8a36dbca12368f8c
08f4c8c3fb4ad5b9d1c36c26908a82394b6c222f5254f594327270aa5583e8d1
GET /cr/v/c1/market-sans/v1.0/MarketSans-SemiBold-WebS.woff2 HTTP/1.1
Host: ir.ebaystatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kroffers.it
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
rlogid: t6q%60uebwh%3D9vjdq%60uebwh*%7B1%3Fmy%28rbpv6775-182db2c0af4-0xdc
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
content-type: application/font-woff2
server: ebay server
x-cache-lookup: HIT from include-cache-1:80
via: 1.1 include-cache-1 (squid), 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
date: Tue, 06 Sep 2022 08:14:35 GMT
age: 917603
x-served-by: cache-bma1633-BMA
x-cache: HIT from include-cache-1, HIT
x-cache-hits: 14123
x-timer: S1662452075.291493,VS0,VE0
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
x-cdn: Fastly
strict-transport-security: max-age=31557600
content-length: 22468
X-Firefox-Spdy: h2
performance.payclick-it.com/ald2022/ALD_footer_FB_190x95.jpg
15.161.168.78200 OK 2.1 kB URL HTTP/2 performance.payclick-it.com/ald2022/ALD_footer_FB_190x95.jpg
IP 15.161.168.78:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x95, components 3\012- data
Hash 5dd17afb3af6a8420496e9c5c4648578
febd7d42c6141de2d4ecec20e41e0c2dce172398
e4501aa57c29db6dbf3c0c731cd51184b86afaaf1673b14b51036b6a457daf5c
GET /ald2022/ALD_footer_FB_190x95.jpg HTTP/1.1
Host: performance.payclick-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/jpeg
content-length: 2068
last-modified: Thu, 04 Aug 2022 08:53:33 GMT
etag: "62eb890d-814"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-Regular-WebS.woff2
151.101.86.206200 OK 22 kB URL HTTP/2 ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-Regular-WebS.woff2
IP 151.101.86.206:0
File type Web Open Font Format (Version 2), TrueType, length 22128, version 1.0\012- data
Hash 0ebf52204d323dde25f8ffe25b4e4579
e462396e8f8b4a0ccb5e14957dda6abe795d722d
1e336db497f4bdd8417dd0157c390f373ec6cf64d496733d425332c4a8a900e1
GET /cr/v/c1/market-sans/v1.0/MarketSans-Regular-WebS.woff2 HTTP/1.1
Host: ir.ebaystatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kroffers.it
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
rlogid: t6q%60uebwh%3D9iptq%60uebwh*qt0a5%28rbpv670%3D-182da20602f-0xd7
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
content-type: application/font-woff2
server: ebay server
x-cache-lookup: HIT from include-cache-3:80
via: 1.1 include-cache-3 (squid), 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
date: Tue, 06 Sep 2022 08:14:35 GMT
age: 935144
x-served-by: cache-bma1633-BMA
x-cache: HIT from include-cache-3, HIT
x-cache-hits: 14222
x-timer: S1662452075.295320,VS0,VE0
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
x-cdn: Fastly
strict-transport-security: max-age=31557600
content-length: 22156
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B25220310.320305142;dc_trk_aid=484957553;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.198200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B25220310.320305142;dc_trk_aid=484957553;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B25220310.320305142;dc_trk_aid=484957553;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 08:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 08:29:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.romanzidaleggere.com/wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-220x162.png
89.46.107.22200 OK 78 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 8da4f0571a85bb283d456c57e0f08545
527866ac78c4586e36efc402ddf210520f863b24
bbed8d6c3eab1479e4b460459a8e6adfdce4ae79779535c6456254d3216943a4
GET /wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 77774
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ff7cce2b07e02ea7445566cfdda02bb1
e3f7584a203ade51f747de4a46bc5e4c99e2b377
ca9c4f9fcf37261a310b8bc70f13d6fa2daf348b90cbb46bae566fd837f75121
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CA9C4F9FCF37261A310B8BC70F13D6FA2DAF348B90CBB46BAE566FD837F75121"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3599
Expires: Tue, 06 Sep 2022 09:14:34 GMT
Date: Tue, 06 Sep 2022 08:14:35 GMT
Connection: keep-alive
ad.doubleclick.net/ddm/trackimp/N526202.1116336GROUPMPLUS-XAXIS_/B25218654.337812550;dc_trk_aid=484854350;dc_trk_cid=81656968;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.198200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N526202.1116336GROUPMPLUS-XAXIS_/B25218654.337812550;dc_trk_aid=484854350;dc_trk_cid=81656968;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N526202.1116336GROUPMPLUS-XAXIS_/B25218654.337812550;dc_trk_aid=484854350;dc_trk_cid=81656968;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 08:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 08:29:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/trackimp/N4199.3151834REFINEDIRECTS.R.L.0/B28111886.340370235;dc_trk_aid=534186195;dc_trk_cid=174597552;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.198200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N4199.3151834REFINEDIRECTS.R.L.0/B28111886.340370235;dc_trk_aid=534186195;dc_trk_cid=174597552;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N4199.3151834REFINEDIRECTS.R.L.0/B28111886.340370235;dc_trk_aid=534186195;dc_trk_cid=174597552;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 08:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 08:29:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/trackimp/N718661.3920729MOPAR-LIONADNET2I/B27156342.328923415;dc_trk_aid=521101405;dc_trk_cid=138616256;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.198200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N718661.3920729MOPAR-LIONADNET2I/B27156342.328923415;dc_trk_aid=521101405;dc_trk_cid=138616256;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N718661.3920729MOPAR-LIONADNET2I/B27156342.328923415;dc_trk_aid=521101405;dc_trk_cid=138616256;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 08:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 08:29:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/trackimp/N526202.1116336GROUPMPLUS-LIGHTR/B25922921.305446640;dc_trk_aid=498458806;dc_trk_cid=81656968;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.198200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N526202.1116336GROUPMPLUS-LIGHTR/B25922921.305446640;dc_trk_aid=498458806;dc_trk_cid=81656968;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N526202.1116336GROUPMPLUS-LIGHTR/B25922921.305446640;dc_trk_aid=498458806;dc_trk_cid=81656968;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 08:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 08:29:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B25220310.333316606;dc_trk_aid=525464901;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.198200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B25220310.333316606;dc_trk_aid=525464901;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B25220310.333316606;dc_trk_aid=525464901;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 08:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 08:29:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 18bdf3860a334f00d4aead872abefcec
f8e639adf5376b7223c8fdeb1a49515fd5efaf7a
facadd4e9ea35639fa93081bf5396648f78bd7e2d1b518bda676f3b08e6f01aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Last-Modified: Tue, 06 Sep 2022 07:10:28 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
performance.payclick-it.com/ald2022/sevizi_550x162.png
15.161.168.78200 OK 48 kB URL HTTP/2 performance.payclick-it.com/ald2022/sevizi_550x162.png
IP 15.161.168.78:0
File type PNG image data, 550 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 5de00fa4083087ebaeecc563cde346d3
7753d97af7b33229dc3fbb864a38dc3fded982e9
ea1a8a4c49060fa1d16e1c17c42c34edfd99a6df3bb5e043812fc5ba29d01219
GET /ald2022/sevizi_550x162.png HTTP/1.1
Host: performance.payclick-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/png
content-length: 47491
last-modified: Thu, 04 Aug 2022 08:53:32 GMT
etag: "62eb890c-b983"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
href.li/?http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
192.0.78.27200 OK 2.5 kB URL HTTP/2 href.li/?http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9bd44af46d3836e639b4881684caa0d6
210d66bd52dfe7fd3319279bbd0cac635500982f
bf1773a083b2edf6a865554ed4ba4ca55151e78939538a1ee4681d55f0564934
GET /?http://kroffers.it/campaign/eBayPromoPeAcpcRD/eBay_Promo_P&A_LugSet22_Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
www.romanzidaleggere.com/wp-content/uploads/2014/12/logo1.png
89.46.107.22200 OK 19 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2014/12/logo1.png
IP 89.46.107.22:0
File type PNG image data, 416 x 106, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d8bd2090eea954487089783b5dd54c1
52b1583ec5dcaf3b45e2dee487bcc33fffde3a78
4ba379a83a6a3f515a8540ab634e62da5a79e95333a66b4a7e3a65aa2c3568bf
GET /wp-content/uploads/2014/12/logo1.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 19361
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:40:19 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
performance.payclick-it.com/ald2022/CTA.png
15.161.168.78200 OK 6.5 kB URL HTTP/2 performance.payclick-it.com/ald2022/CTA.png
IP 15.161.168.78:0
File type PNG image data, 302 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 47eb57ef6a0ba5d04ef733ad96f0187e
57e6f1fcb1272cd7f197444730ffb1c1ffe72848
7051dbd0bc9c8ad18cb5fa24b173bbc18c63ae0fd779f15626c251384fb00a05
GET /ald2022/CTA.png HTTP/1.1
Host: performance.payclick-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/png
content-length: 6500
last-modified: Thu, 04 Aug 2022 08:53:31 GMT
etag: "62eb890b-1964"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
href.li/?http://www.romanzidaleggere.com
192.0.78.27200 OK 331 kB URL HTTP/2 href.li/?http://www.romanzidaleggere.com
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 331 kB (330894 bytes)
Hash 9ef90a5fbb9ec89d4c37a8011e87fa94
82c5bcf8f4cf9c3a86146de2650e9f18bcadb7ca
d322d1e9667030bbb485aaaa20ad34ce3fe2cd205d3c101976fc38329676677e
GET /?http://www.romanzidaleggere.com HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
performance.payclick-it.com/ald2022/ALD_footer_logo_190x95.jpg
15.161.168.78200 OK 5.4 kB URL HTTP/2 performance.payclick-it.com/ald2022/ALD_footer_logo_190x95.jpg
IP 15.161.168.78:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 190x95, components 3\012- data
Hash 14739337db013d41fce36eb877f299b3
abb702cdab707692af1381e07aaaf4947ae36757
dd1756a83dfaff1d71d8cc2f7a0fe04fa43722d08828a7a5eb30bf5ceb07bc85
GET /ald2022/ALD_footer_logo_190x95.jpg HTTP/1.1
Host: performance.payclick-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/jpeg
content-length: 5353
last-modified: Thu, 04 Aug 2022 08:53:31 GMT
etag: "62eb890b-14e9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.romanzidaleggere.com/wp-content/uploads/2022/05/Mayday-140x100.png
89.46.107.22200 OK 32 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/05/Mayday-140x100.png
IP 89.46.107.22:0
File type PNG image data, 140 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 00e7593e138eac53137dd13f8927f367
db98dbc6004ed2b60dc6a3f4f24ce84983725a28
91bebef94aa92369a2d26db146228f18296bdb3fc807b8da9ce1ec5bdd30168d
GET /wp-content/uploads/2022/05/Mayday-140x100.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 32298
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-140x100.png
89.46.107.22200 OK 33 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-140x100.png
IP 89.46.107.22:0
File type PNG image data, 140 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e1939d53e738ae75dac6837fe4e3b7ba
607c5cfa4d440a540488d22829ca5d7821bfb8dc
d2c4a1fcfa901aeac4211ae9fb3512a9ece4475c234da1690921dfe6c1da9de6
GET /wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-140x100.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 33279
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-300x200.png
89.46.107.22200 OK 122 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-300x200.png
IP 89.46.107.22:0
File type PNG image data, 300 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (121843 bytes)
Hash 98d6e8cef23d7a391e9a178a5f71fde6
003786ab27a28675bab1e4aed6357402842aa939
b1f58fc7cfea524068af52310687a99f1fa0b4986d176d013b674f91eda27d0d
GET /wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-300x200.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 121843
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.romanzidaleggere.com/wp-content/uploads/2022/09/Fairy-Tale-220x162.png
89.46.107.22200 OK 84 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/09/Fairy-Tale-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 1147a46d49e924102691e120a0496032
a2b3028e36906bd0f405140b670b83d72f71aa84
2a55ba9358d8bdc4993e510c6e851ba62d71c553366c9276de58b6e4970c307a
GET /wp-content/uploads/2022/09/Fairy-Tale-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 83544
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 08:11:03 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 18bdf3860a334f00d4aead872abefcec
f8e639adf5376b7223c8fdeb1a49515fd5efaf7a
facadd4e9ea35639fa93081bf5396648f78bd7e2d1b518bda676f3b08e6f01aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Last-Modified: Tue, 06 Sep 2022 07:10:28 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.romanzidaleggere.com/wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-220x162.png
89.46.107.22200 OK 74 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash ee4781502a17fbcc16190d18ad59490a
1b9f71db2fff93f49f9db6e5ac65bf7496aec5ff
0a7af821f39bae5bc4696f4d8be8872862642c72b0591a9294e5638936dc3760
GET /wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 73971
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/04/Wilbur-Smith-220x162.png
89.46.107.22200 OK 91 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/04/Wilbur-Smith-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 80fb520dbf0fea883939e3103b049858
f2167eeab93aed534c7f4cfa748141bca66b1623
d908b2286cd987102d2cf3cc15e1419716f594f00ca6ae1b8e51a172b40c9d67
GET /wp-content/uploads/2022/04/Wilbur-Smith-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 91030
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/09/Fairy-Tale-620x315.png
89.46.107.22200 OK 344 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/09/Fairy-Tale-620x315.png
IP 89.46.107.22:0
File type PNG image data, 620 x 315, 8-bit/color RGBA, non-interlaced\012- data
Size 344 kB (343698 bytes)
Hash 87a11d23fb899c43b7408684814ac16d
95fd1ea58858928d73e315b734c3ce789b5c3e1e
961e87c816d88470f1997b01a4a88ae6161723b300ce4510fcdb7e7402096671
GET /wp-content/uploads/2022/09/Fairy-Tale-620x315.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 343698
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 08:11:03 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/05/Mayday-220x162.png
89.46.107.22200 OK 74 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/05/Mayday-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 901feb3a89881b1c2580aebb37aeaa44
1c665860d6dcd54701cd35c69ec85ce08a525fe0
e5d1887916bdac959127a19fb1ff6ef4731f4c55345560cb818c016a8ade0503
GET /wp-content/uploads/2022/05/Mayday-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 74264
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2021/12/custode-dei-peccati-220x162.png
89.46.107.22200 OK 74 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2021/12/custode-dei-peccati-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash b939b9810e699652678f4789285b0c93
2d972a288ddf277368c6f456eb77086671e5fad2
180f666c837379b8a464f30d92b39ee7a8313452fe70cb5767c79f5392585234
GET /wp-content/uploads/2021/12/custode-dei-peccati-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 73513
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:04 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/02/eredit%C3%A0-di-guerra-220x162.png
89.46.107.22200 OK 74 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/02/eredit%C3%A0-di-guerra-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash ec93b15ac1075c3d0bf0f31d93ee969b
21273a2246efcb6d09f25190ba57dfb507cbbbec
9c4933a9071362653d18a6a2d807cfcc2e975765d82649c78e8f46e4758193f3
GET /wp-content/uploads/2022/02/eredit%C3%A0-di-guerra-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 74180
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:04 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2021/11/Per-niente-al-mondo-220x162.png
89.46.107.22200 OK 73 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2021/11/Per-niente-al-mondo-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b533993b7cbdda87f204b710bc7f3fa
ca6575f1aa45c3f34475f13f9efce95be850883f
676edd8d07cb6779b575f70dfe2b7546d0d08deb72ef352cc5b19ee5c68f6a92
GET /wp-content/uploads/2021/11/Per-niente-al-mondo-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 72740
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:04 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2021/11/nuovo-regno-220x162.png
89.46.107.22200 OK 55 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2021/11/nuovo-regno-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash aea133920a10f7f2a04e4e264f87f9ad
80c59507c02bceee7e813df2d0e92e71bb676249
910a46bbd8da8ad5ec30af9e7ad520ced38b68c4d7111327ed0425bfa670e275
GET /wp-content/uploads/2021/11/nuovo-regno-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 55217
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:04 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/03/moglie-del-serial-killer-220x162.png
89.46.107.22200 OK 86 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/03/moglie-del-serial-killer-220x162.png
IP 89.46.107.22:0
File type PNG image data, 220 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c203f9b8902a941453c836d0022322f
2c7eb2f870368c79b0e302a878962f4ed16c90e2
4a7a023c8d4e1c669e911122a5188f5f8f535d798ac3b6b7564e23e03adb370b
GET /wp-content/uploads/2022/03/moglie-del-serial-killer-220x162.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 85837
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:04 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.romanzidaleggere.com/wp-content/uploads/2022/09/Fairy-Tale-60x57.png
89.46.107.22200 OK 8.4 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/09/Fairy-Tale-60x57.png
IP 89.46.107.22:0
File type PNG image data, 60 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c5bde2381862946b30e0137b144801f
ed8a930049a8036df8a9dae3fe23b93e17f0b8b7
1066609a46cd03c580ffc34dad4ef1f104f9950d3ff966067dbe2a2e94982231
GET /wp-content/uploads/2022/09/Fairy-Tale-60x57.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 8386
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 08:11:03 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
142.250.74.163200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.romanzidaleggere.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22376
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 31 Aug 2022 06:40:37 GMT
Expires: Thu, 31 Aug 2023 06:40:37 GMT
Cache-Control: public, max-age=31536000
Age: 524038
Last-Modified: Tue, 19 Apr 2022 18:25:01 GMT
Content-Type: font/woff2
www.romanzidaleggere.com/wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-60x57.png
89.46.107.22200 OK 8.8 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-60x57.png
IP 89.46.107.22:0
File type PNG image data, 60 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 96987cedaa0a5cc3039e6030e01e92ae
1ea3484169839eabcea897e3b8fe20741ad67203
5322617e710dcecf4f465a73c8e9236fe231ec7908f9f5b0f8536520484f546e
GET /wp-content/uploads/2022/05/sotto-la-porta-dei-sussurri-60x57.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 8772
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
142.250.74.163200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.romanzidaleggere.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21224
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Sep 2022 07:01:10 GMT
Expires: Fri, 01 Sep 2023 07:01:10 GMT
Cache-Control: public, max-age=31536000
Age: 436405
Last-Modified: Tue, 19 Apr 2022 18:04:18 GMT
Content-Type: font/woff2
www.googletagmanager.com/gtag/js?id=UA-180340699-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-180340699-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash d7c98fb2031cec2c6b9fc2469ea63778
3ad606492977c787017e0998092577fbb892224a
04d5660af69281841d860f3eb503a152fed57af51db97ee96b174279f076642b
GET /gtag/js?id=UA-180340699-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 08:14:35 GMT
expires: Tue, 06 Sep 2022 08:14:35 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.romanzidaleggere.com/wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-60x57.png
89.46.107.22200 OK 7.8 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-60x57.png
IP 89.46.107.22:0
File type PNG image data, 60 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 7b9e4fa476180515ce91edba199b2f3e
5f0e4ab96fbabcee7c2f211ba88440b23ce3c4a8
833c963cfbf816b082ed091951fbcc844a71f135f7ba98c393b1518025b6276d
GET /wp-content/uploads/2022/06/vicino-di-casa-molto-speciale-60x57.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 7776
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
rdl.altervista.org/wp-content/Newsletter/fonts/BMWTypeNextTT-Regular.woff
136.243.138.245404 Not Found 37 kB URL HTTP/1.1 rdl.altervista.org/wp-content/Newsletter/fonts/BMWTypeNextTT-Regular.woff
IP 136.243.138.245:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047)
Hash e4ff1956b158d5724a37063a6331cdca
fe89e82724610b26ebe1dcf1ee84f3168fc85627
b209bfe35db5cf35d7283992b58f1a2ff104224628bd1658334169a1418d1f28
GET /wp-content/Newsletter/fonts/BMWTypeNextTT-Regular.woff HTTP/1.1
Host: rdl.altervista.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rdl.altervista.org/wp-content/Newsletter/BMW%20ITALY%201272-1%20RDL%20-R.html
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 08:14:35 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://rdl.altervista.org/wp-json/>; rel="https://api.w.org/", <//cdn.iubenda.com/cs/versions/iubenda_cs-1.35.3.js>; rel=preload; as=script; nopush, <//cdn.iubenda.com/cookie_solution/iubenda_cs/1.35.3/core-it.js>; rel=preload; as=script; nopush, <//cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.14.1.js>; rel=preload; as=script; nopush, <//www.iubenda.com/cookie-solution/confs/js/61281997.js>; rel=preload; as=script; nopush
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
rcm-eu.amazon-adsystem.com/e/cm?o=29&p=12&l=ez&f=ifr&linkID=0867ba561a51ea48d0803225b500227f&t=romric90-21&tracking_id=romric90-21
52.95.118.65302 Found 348 B URL HTTP/1.1 rcm-eu.amazon-adsystem.com/e/cm?o=29&p=12&l=ez&f=ifr&linkID=0867ba561a51ea48d0803225b500227f&t=romric90-21&tracking_id=romric90-21
IP 52.95.118.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d0f3830c10dd20b1210bb3c4bda7f4a8
74865c5c743393212527683ac7a02e3d7ec4acee
1faab6d4d1da9c1683043f753823df05c79a77741204b1b903bc172628bf5e3e
GET /e/cm?o=29&p=12&l=ez&f=ifr&linkID=0867ba561a51ea48d0803225b500227f&t=romric90-21&tracking_id=romric90-21 HTTP/1.1
Host: rcm-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 348
Connection: keep-alive
x-amz-rid: S1K1X7SV89CDT0NP0D0V
Location: https://ws-eu.assoc-amazon.com/widgets/cm?o=29&p=12&l=ez&f=ifr&linkID=0867ba561a51ea48d0803225b500227f&t=romric90-21&tracking_id=romric90-21
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
www.romanzidaleggere.com/wp-content/uploads/2022/05/Mayday-60x57.png
89.46.107.22200 OK 8.6 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/05/Mayday-60x57.png
IP 89.46.107.22:0
File type PNG image data, 60 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 375f6db9e782de4e0b9b3e67558f90c5
d43e1aba10c99a80d3e33018963effd28baee525
e9aaa4d1b45582567e525afb3b9acfb574e40d05fe5de4b2cd382f90e11e894e
GET /wp-content/uploads/2022/05/Mayday-60x57.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 8583
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4873
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Etag: "6315ae14-1d7"
Last-Modified: Tue, 06 Sep 2022 06:53:22 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.romanzidaleggere.com/wp-content/themes/point/fonts/point.woff?29400515
89.46.107.22200 OK 7.5 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/themes/point/fonts/point.woff?29400515
IP 89.46.107.22:0
File type Web Open Font Format, TrueType, length 7460, version 1.0\012- data
Hash f596cc66772b7dcfc6ec44a4f0c8ada3
6ac23bc6f9faa00cd52edd8efd35de21e5675b0f
6177da63c46574dfaaa8836f5fe858df5cd83bfaa97e09407697e6761aff0f70
GET /wp-content/themes/point/fonts/point.woff?29400515 HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/wp-content/themes/point/style.css?ver=4.9.19
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: font/woff
Content-Length: 7460
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:40:13 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/plugins/gdpr-cookie-compliance/dist/images/gdpr-logo.png
89.46.107.22200 OK 1.5 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/plugins/gdpr-cookie-compliance/dist/images/gdpr-logo.png
IP 89.46.107.22:0
File type PNG image data, 350 x 233, 4-bit colormap, non-interlaced\012- data
Hash dd880989709c875ae9544b52c4d14614
70bf30cc53a852b30092b84c218da4b0dbfdb3f4
2d91c5b43406f8e7f61aca23cec58ee76a8e9a9d4b9a7c96cc9700a3376ca42b
GET /wp-content/plugins/gdpr-cookie-compliance/dist/images/gdpr-logo.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 1475
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:39:44 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
www.romanzidaleggere.com/wp-content/uploads/2022/04/Wilbur-Smith-60x57.png
89.46.107.22200 OK 9.9 kB URL HTTP/1.1 www.romanzidaleggere.com/wp-content/uploads/2022/04/Wilbur-Smith-60x57.png
IP 89.46.107.22:0
File type PNG image data, 60 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 736ff3409e0556a7d47879c71dcdbfc4
ada17c026244ea239154512bc6d6b70b011980b9
f74cae3e4e36d81bdfcfb65f95461621da67b4e08b2e9ec7ca46d8724c850c6c
GET /wp-content/uploads/2022/04/Wilbur-Smith-60x57.png HTTP/1.1
Host: www.romanzidaleggere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: image/png
Content-Length: 9936
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 18:42:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy110.ad.aruba.it
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/it_IT/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/it_IT/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash f9985c393733d889194a7d9844042b9d
564a12ef0bd1d55f00c9052c8508634570343aac
52ad04e86f3981544f4e079619d983d6bf99d9d2b9e22b55da16930a7cafde5f
GET /it_IT/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: e5a8ac3fa8911a2e2bff30cdb9b105c8
ETag: "bd147a40946930c48701672c73c32f6b"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Tue, 06 Sep 2022 08:16:42 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: +ZhcOTcz2IkZSn2YRAQrnQ==
X-FB-Debug: 1e8ELgJtr6OG2CBy5kuGxNmGlKF41Y0hYkBEw5OyXQmPtTAEgDcdXs8y5HtszmPoGX3Cb05Uf5LKeWr4wMb6SA==
X-FB-TRIP-ID: 1904183273
Date: Tue, 06 Sep 2022 08:14:35 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1684
href.li/?http://kroffers.it/campaign/ALDcpcP.html
192.0.78.27200 OK 255 B URL HTTP/2 href.li/?http://kroffers.it/campaign/ALDcpcP.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a31e3aa7715f72cb6263eee6cbe9673d
3c0ae99104f79a0fb5cf10622a79bb84979b3791
27a1b23af485e64bafdfd19a47d23a18ded64cf567a15cb3d9a0ea2384236a3e
GET /?http://kroffers.it/campaign/ALDcpcP.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20006
Date: Tue, 06 Sep 2022 06:20:38 GMT
Expires: Tue, 06 Sep 2022 08:20:38 GMT
Cache-Control: public, max-age=7200
Age: 6837
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
track.adform.net/adfserve/?bn=57577208;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234302 Found 714 B URL HTTP/2 track.adform.net/adfserve/?bn=57577208;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
Hash 8704b624c7b29338ff71e101ea2e3d12
8e0ee2bed8e887acc0d8c43f12d4a9c6b4e0c6ea
564a7a0d97bce8a7ba3aec44aa1f2eb3ded805109ac20303e4bafe7c763206d8
GET /adfserve/?bn=57577208;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=57577208;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 06-Oct-2022 08:14:35 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 06:41:12 GMT
expires: Tue, 06 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 5603
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.174200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 07:45:50 GMT
expires: Tue, 06 Sep 2022 08:45:50 GMT
cache-control: public, max-age=3600
age: 1725
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4891
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:35 GMT
Last-Modified: Tue, 06 Sep 2022 06:53:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
esclusiva-perte.it/dem/bmw-i4/img/cta.gif
46.16.95.229200 OK 1.8 kB URL HTTP/1.1 esclusiva-perte.it/dem/bmw-i4/img/cta.gif
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type GIF image data, version 89a, 176 x 41\012- data
Hash a026fa22b3440444c67a59c371d41a6e
33ee45ac25a2a2272ba6b542aa4b68ae0fd7d3c9
0e6676bfaffc12b42829427339e6bdb0f9e3c6f5be30deb4498a61a71980aab7
GET /dem/bmw-i4/img/cta.gif HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rdl.altervista.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 08:14:35 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 08:00:40 GMT
ETag: "ea4e8-6d6-5e3d36a0f211c"
Accept-Ranges: bytes
Content-Length: 1750
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/gif
connect.facebook.net/it_IT/all.js?hash=e8bf4f6edd20e25a95f3710b37c2ebb7
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/it_IT/all.js?hash=e8bf4f6edd20e25a95f3710b37c2ebb7
IP 31.13.72.12:0
File type ASCII text, with very long lines (18528)
Hash b102eb660943e35ed2518b55acd85994
b96827a374c0eb6f61225673e92b33c61fe5e904
2b0fa573f3e0c1cfc857f33b69123f78ee4a1db192a3d39c3d06f2b4dfa670c8
GET /it_IT/all.js?hash=e8bf4f6edd20e25a95f3710b37c2ebb7 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.romanzidaleggere.com
Connection: keep-alive
Referer: http://www.romanzidaleggere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8c8a53fd370b2fcb3301479581de5feb
etag: "2447ccb6da2a6ec605153ae79bbdcdad"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 06 Sep 2023 07:36:27 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: sQLrZglD417SUYtVrNhZlA==
x-fb-debug: Pi9bU2Jn1nzJcx12YWMzSXZZ/tAcbzdN1NZgvoWuOtU65wCcHCFyZO5ZfWhOwAK15DHivvibhvmaEOqrHgc49Q==
priority: u=3,i
content-length: 88012
x-fb-trip-id: 1904183273
date: Tue, 06 Sep 2022 08:14:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b4587252d5fd14c1ca21241f6c578ba9
31fefe8d30f9aa78b3b5c0d0ca76daf6eecd5d25
a8c7599262ca7dc4e23741eb685be8f91806764566bf0cb44be1f9a2635c8aeb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 08:14:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 07:57:08 GMT
Expires: Tue, 13 Sep 2022 07:57:07 GMT
Etag: "31fefe8d30f9aa78b3b5c0d0ca76daf6eecd5d25"
Cache-Control: max-age=603151,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7465c080fa23fac0-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 79eb27b68aa8238790bd7b2af7289366
cca84ed60e79aadec0cc84e0c6b42846ae0f1c0d
87b18e62f9337ffb4d8febbd2eca26ef271c8d170547ad8d7c2b79c742b55604
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 08:14:35 GMT
Last-Modified: Tue, 06 Sep 2022 07:53:36 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n54LOMrEx8386aWZVTsi15e9TGMctfj_vEUGoh8kmDZJokhK5TDeJQ==
Age: 1259
esclusiva-perte.it/dem/bmw-i4/img/visore.jpg
46.16.95.229200 OK 60 kB URL HTTP/1.1 esclusiva-perte.it/dem/bmw-i4/img/visore.jpg
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash 8f8ec6f53b04f9b00581b153a343c61e
1f371dfebbb97a9a0297ba10587cf70fa3d50b06
054a9c61206529ef25fbe6d61eb106cd9e641d8ee8e63da0a01df334a654f4bd
GET /dem/bmw-i4/img/visore.jpg HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rdl.altervista.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 08:14:35 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 08:00:40 GMT
ETag: "ea4e7-ea30-5e3d36a0fdc9c"
Accept-Ranges: bytes
Content-Length: 59952
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.facebook.com/x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.romanzidaleggere.com%2F&sdk=joey&wants_cookie_data=false
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.romanzidaleggere.com%2F&sdk=joey&wants_cookie_data=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.romanzidaleggere.com%2F&sdk=joey&wants_cookie_data=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.romanzidaleggere.com/
Origin: http://www.romanzidaleggere.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: http://www.romanzidaleggere.com
fb-s: unknown
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
strict-transport-security: max-age=15552000; preload
x-fb-debug: lUnJVt7YXNOA3bTF4BNAhbXVM2LnPyjTn/LQpa8CIYbyPCUeHmZOUI6+MBuQB85w9rBj9N/L2nPKWI74WNNxFg==
content-length: 0
date: Tue, 06 Sep 2022 08:14:36 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ws-eu.assoc-amazon.com/widgets/cm?o=29&p=12&l=ez&f=ifr&linkID=0867ba561a51ea48d0803225b500227f&t=romric90-21&tracking_id=romric90-21
52.95.118.186200 200 45 kB URL HTTP/1.1 ws-eu.assoc-amazon.com/widgets/cm?o=29&p=12&l=ez&f=ifr&linkID=0867ba561a51ea48d0803225b500227f&t=romric90-21&tracking_id=romric90-21
IP 52.95.118.186:0
File type HTML document, ASCII text, with very long lines (600)
Hash 259022b69bf9d2d2d6a02a39da252d32
b3052a790d286d34cb04a28e2d41c7c9ac80ac53
05e6d777568ab0486d1677f3f1c422070611025b544f01b2aaf73c9c3ed0ddd1
GET /widgets/cm?o=29&p=12&l=ez&f=ifr&linkID=0867ba561a51ea48d0803225b500227f&t=romric90-21&tracking_id=romric90-21 HTTP/1.1
Host: ws-eu.assoc-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.romanzidaleggere.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 200
Date: Tue, 06 Sep 2022 08:14:35 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
charset: UTF-8
Access-Control-Allow-Origin: *
Content-Length: 44595
Vary: User-Agent
Connection: close
Content-Type: text/html;charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e496a4ae2f2470f7ba64aeb3b41d6e6
9dc184be61beecbeac392be25cb2d4e0ced8d440
778bb7b7218fa885f5a65ae5d9cd8f872239d549838eef8c9c31fc4033cc6848
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "778BB7B7218FA885F5A65AE5D9CD8F872239D549838EEF8C9C31FC4033CC6848"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14014
Expires: Tue, 06 Sep 2022 12:08:10 GMT
Date: Tue, 06 Sep 2022 08:14:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13756
Expires: Tue, 06 Sep 2022 12:03:52 GMT
Date: Tue, 06 Sep 2022 08:14:36 GMT
Connection: keep-alive
track.adform.net/adfserve/?CC=1&bn=57610977;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234200 OK 538 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=57610977;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ac1da158ed4e4f47e602ab3bd74f8b17
1b2416149baf66b1915ceac481ba629909c58b7c
8ed19d89ae09cac5a7aac53acb4f4a09938a51c58c51254bd06fc98a50c1cf0a
GET /adfserve/?CC=1&bn=57610977;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kroffers.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13756
Expires: Tue, 06 Sep 2022 12:03:52 GMT
Date: Tue, 06 Sep 2022 08:14:36 GMT
Connection: keep-alive
track.adform.net/adfserve/?CC=1&bn=57694365;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234200 OK 538 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=57694365;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ac1da158ed4e4f47e602ab3bd74f8b17
1b2416149baf66b1915ceac481ba629909c58b7c
8ed19d89ae09cac5a7aac53acb4f4a09938a51c58c51254bd06fc98a50c1cf0a
GET /adfserve/?CC=1&bn=57694365;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kroffers.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13756
Expires: Tue, 06 Sep 2022 12:03:52 GMT
Date: Tue, 06 Sep 2022 08:14:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 567b5c4783f4affe56eab1cd640447d0
e02a994b68bca6eb31847ca69e574759629d1029
f3b8af815de503b88bba689b28a1d2b4b7616936ecc5d62d15fa00adaa5e340f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 110fef70-1cfe-4d9c-b70b-ae79bae60d7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X32-4EFZoAMF7jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313052b-1481c6fe0e01c53b56608e14;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:41:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xWd68t8cJN-4D3x_veAgxzFX0uUClx7T0U6dPnHukKaAPzjt7mnOvA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 05:49:51 GMT
age: 8685
etag: "e02a994b68bca6eb31847ca69e574759629d1029"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=57716071;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234302 Found 8.5 kB URL HTTP/2 track.adform.net/adfserve/?bn=57716071;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
Hash 72a2bb6b0e69dce8383b88396487d767
90ab1db4f1c5be72b0cec6c0195b2437c7992816
e47cb48ee233cb0255cdf60fba5991064be25fe1fc0d772311e49b70ca6d1eae
GET /adfserve/?bn=57716071;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=57716071;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 06-Oct-2022 08:14:35 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=57649662;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234302 Found 8.4 kB URL HTTP/2 track.adform.net/adfserve/?bn=57649662;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
Hash 2a9676d5a6e2e3cc4d14addde5319d6c
57e026f440622bfaf83efbdbc3d77fd92722072a
7a2850b598810096362a95aa1b38e83d24f0f5da363c61c76ead530cd9037551
GET /adfserve/?bn=57649662;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=57649662;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 06-Oct-2022 08:14:35 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6xmRiAaxHPKpBlCPaRWoMiISlrXRrltO57N3NayiuIvv3gCWTWCZQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:53:35 GMT
age: 37261
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9d13dec6194417882e71afdc1bd9b9a
156bafa4c7c089cf26639feacc9a25db6ef3870e
7e4f2932cd41776d120ac1e14b322c3b94c07449adc7904f222f46ed35570fd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: 97f3ea4d-135f-4e76-a2db-05bad96e01eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHMdIAMFbXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1a8b9af405cd8e6b1e3c0e1d;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wjawu8nRjwWvl-Eldm4No6GY6gKO-PFbJNkv9FkpOCSDW14Mfx67Sg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:06:45 GMT
age: 36471
etag: "156bafa4c7c089cf26639feacc9a25db6ef3870e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f82eaf-49aa-4cfd-ab46-894119225c29.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f82eaf-49aa-4cfd-ab46-894119225c29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6287f68a964668d9dcd418f0f55cfa41
998cc906e470e1b8ec9b840ab5c3b93f1618a1e3
d1d6a242e8a5e3fa3166271473faa20fe2825f24f02a5e15c02180a066262b4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f82eaf-49aa-4cfd-ab46-894119225c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13302
x-amzn-requestid: b3cc28ec-5792-4028-b62f-b24dd50a24af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FLgoAMFo9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-3ea9e3b364c0efe24b48e826;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: arLdjfE327MmTML3UwIQK2Y-ptUk35lzGyufht73gjkKYqbAxfUdEA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "998cc906e470e1b8ec9b840ab5c3b93f1618a1e3"
content-type: image/jpeg
age: 37674
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kroffers.it/net/adx/scripts/click.php?a_aid=577a62585dd08&a_bid=e398f587
94.23.64.4301 Moved Permanently 0 B URL HTTP/1.1 kroffers.it/net/adx/scripts/click.php?a_aid=577a62585dd08&a_bid=e398f587
IP 94.23.64.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /net/adx/scripts/click.php?a_aid=577a62585dd08&a_bid=e398f587 HTTP/1.1
Host: kroffers.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PAPCookie_Imp_82caedc4=pap; PAPCookie_Imp_e398f587=pap; PAPCookie_Imp_6af06375=pap; PAPCookie_Imp_2ed03752=pap
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Tue, 06 Sep 2022 08:14:37 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/5.6
cache-control: private, no-cache, no-store, max-age=0
p3p: CP="NOI NID ADMa DEVa PSAa OUR BUS ONL UNI COM STA OTC"
set-cookie: PAPVisitorId=20ccdc552e892329028d4951c4Y4BWYH; expires=Fri, 03-Sep-2032 08:14:37 GMT; Max-Age=315360000; path=/
location: https://track.adform.net/C/?bn=57577208
x-iplb-request-id: 5B5A2A9A:595C_5E174004:0050_6317016A_11A8:5369
x-iplb-instance: 31947
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 18bdf3860a334f00d4aead872abefcec
f8e639adf5376b7223c8fdeb1a49515fd5efaf7a
facadd4e9ea35639fa93081bf5396648f78bd7e2d1b518bda676f3b08e6f01aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3849
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:37 GMT
Last-Modified: Tue, 06 Sep 2022 07:10:28 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.linkclickcounter.com/url_redirect.php?c=hL1dcap
104.21.31.110302 Found 785 B URL HTTP/2 www.linkclickcounter.com/url_redirect.php?c=hL1dcap
IP 104.21.31.110:0
Hash febc4f3e00a864ca8f20786556c77089
9e01c99b16719a0a01c0c8fc29be3dbe0fda6341
b14b26acc512c4595e87258cee494c5982511c29c3e370257b164fdbf8ffda90
GET /url_redirect.php?c=hL1dcap HTTP/1.1
Host: www.linkclickcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Sep 2022 08:14:37 GMT
content-type: text/html; charset=UTF-8
location: http://kroffers.it/net/adx/scripts/click.php?a_aid=577a62585dd08&a_bid=e398f587
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ni5snaxCwEQw%2FutiA5%2Fd1PVodOdXQWyWEBc7jHHSv4mnhbDZKq4J4hvSmMzujhGc74zF0ldwOORe5TqDkLEQZwMVq09wzzmCGF%2BytBhj0XHKUIhvtNfpnOclvr8ZhM3916guj8ebO%2FTsF1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7465c0873ae6b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
track.adform.net/C/?bn=57577208
37.157.2.234302 Found 165 B URL HTTP/2 track.adform.net/C/?bn=57577208
IP 37.157.2.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0974bd16d2006c6b70867f4e9db7b468
c6fef3495794d5666620f05cd4e643bb4908aeca
1e8d07bffdf8a8091460b83d46304d1d8ed8ec1b366ac1e244a8e0ad5c816b45
GET /C/?bn=57577208 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 08:14:37 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/C/?CC=1&bn=57577208
cache-control: private
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 06-Oct-2022 08:14:37 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 6d1424d63194ec238ff2d5a8c1b5e256
f286acd3c6f2d4442630c22f534fde35c35ef591
ba9d5e4ecf0c9dd19169e40bfede750951eb79dd4b82ee16b2f0c13e8bf94447
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 08:14:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Sep 2022 22:53:09 GMT
Expires: Tue, 06 Sep 2022 22:53:09 GMT
ETag: "f286acd3c6f2d4442630c22f534fde35c35ef591"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
t.myvisualiq.net/click_pixel?et=c&ago=212&ao=693&aca=27156342&si=6320737&ci=138616256&pi=328923418&ad=521101408&sv1=[keyword_id]&advt=8122571&chnl=-7&vndr=115&sz=9909&u=&viq_did=&red=https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ
3.127.113.46302 Moved Temporarily 0 B URL HTTP/1.1 t.myvisualiq.net/click_pixel?et=c&ago=212&ao=693&aca=27156342&si=6320737&ci=138616256&pi=328923418&ad=521101408&sv1=[keyword_id]&advt=8122571&chnl=-7&vndr=115&sz=9909&u=&viq_did=&red=https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ
IP 3.127.113.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click_pixel?et=c&ago=212&ao=693&aca=27156342&si=6320737&ci=138616256&pi=328923418&ad=521101408&sv1=[keyword_id]&advt=8122571&chnl=-7&vndr=115&sz=9909&u=&viq_did=&red=https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ HTTP/1.1
Host: t.myvisualiq.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 08:14:37 GMT
Location: https://t.myvisualiq.net/ul_cb/click_pixel?et=c&ago=212&ao=693&aca=27156342&si=6320737&ci=138616256&pi=328923418&ad=521101408&sv1=[keyword_id]&advt=8122571&chnl=-7&vndr=115&sz=9909&u=&viq_did=&red=https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ
Set-Cookie: tuuid=9499ace7-6912-412c-bc51-cf4898eba35b; path=/; expires=Thu, 05-Sep-2024 08:14:37 GMT; domain=.myvisualiq.net
c=1662452077; path=/; expires=Thu, 05-Sep-2024 08:14:37 GMT; domain=.myvisualiq.net
tuuid_lu=1662452077; path=/; expires=Thu, 05-Sep-2024 08:14:37 GMT; domain=.myvisualiq.net
Content-Length: 0
Connection: keep-alive
t.myvisualiq.net/ul_cb/click_pixel?et=c&ago=212&ao=693&aca=27156342&si=6320737&ci=138616256&pi=328923418&ad=521101408&sv1=[keyword_id]&advt=8122571&chnl=-7&vndr=115&sz=9909&u=&viq_did=&red=https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ
3.127.113.46302 Moved Temporarily 0 B URL HTTP/1.1 t.myvisualiq.net/ul_cb/click_pixel?et=c&ago=212&ao=693&aca=27156342&si=6320737&ci=138616256&pi=328923418&ad=521101408&sv1=[keyword_id]&advt=8122571&chnl=-7&vndr=115&sz=9909&u=&viq_did=&red=https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ
IP 3.127.113.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/click_pixel?et=c&ago=212&ao=693&aca=27156342&si=6320737&ci=138616256&pi=328923418&ad=521101408&sv1=[keyword_id]&advt=8122571&chnl=-7&vndr=115&sz=9909&u=&viq_did=&red=https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ HTTP/1.1
Host: t.myvisualiq.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: tuuid=9499ace7-6912-412c-bc51-cf4898eba35b; c=1662452077; tuuid_lu=1662452077
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
access-control-allow-origin: *
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Date: Tue, 06 Sep 2022 08:14:37 GMT
Location: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Set-Cookie: tuuid=9499ace7-6912-412c-bc51-cf4898eba35b; path=/; expires=Thu, 05-Sep-2024 08:14:37 GMT; domain=.myvisualiq.net
tuuid_lu=1662452077; path=/; expires=Thu, 05-Sep-2024 08:14:37 GMT; domain=.myvisualiq.net
Content-Length: 0
Connection: keep-alive
www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
104.110.22.116200 OK 66 kB URL HTTP/2 www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
IP 104.110.22.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3285), with CRLF, LF line terminators
Hash 0bf41f821c675fba480871c427a3ecd6
2be1357359296322eadfe1a5d83c86362e3230b2
8195581ef8684048aa5432fe6824242b50102c9ec18ae03ed6854ddef9f22ccb
GET /mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html;charset=utf-8
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 65715
cache-control: no-cache
date: Tue, 06 Sep 2022 08:14:38 GMT
vary: Accept-Encoding
set-cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5;PATH=/;MAX-AGE=900
AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5;PATH=/;MAX-AGE=900;SECURE;SAMESITE=None
X-Firefox-Spdy: h2
www.alfaromeo.it/content/dam/moc/style/alfaromeo/core-header-footer.css
104.110.22.116200 OK 8.4 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/style/alfaromeo/core-header-footer.css
IP 104.110.22.116:0
File type Unicode text, UTF-8 text, with very long lines (53558), with no line terminators
Hash 009f92a65f8e92eb47e8570811fef139
b5dac7ff7dca0b1bacc467b3297680828c2470be
90461c0eda7d95e083ec131216f7241b5d2efb9a821bf1496c25f1cb228e91e1
GET /content/dam/moc/style/alfaromeo/core-header-footer.css HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-disposition: attachment
content-encoding: br
etag: "d2aa-5e0ca25d0a680-gzip"
last-modified: Mon, 05 Sep 2022 12:38:06 GMT
server: Akamai Resource Optimizer
x-content-type-options: nosniff
x-dispatcher: dispatcher1eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 8413
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
assets.adobedtm.com/abfd6fce1729/8badb9bcb363/launch-6f75b3c76db6.min.js
23.38.200.237200 OK 41 kB URL HTTP/2 assets.adobedtm.com/abfd6fce1729/8badb9bcb363/launch-6f75b3c76db6.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32762)
Hash 7f7a78873ba8fe315a401e60af855698
80c94e886106b9998496a6139c66604565b35b35
151b8d50ecb0065e8db195bfad57a6db5c57c2e5d39693393ba2a2a9084cdbf1
GET /abfd6fce1729/8badb9bcb363/launch-6f75b3c76db6.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "85ffc6cc447f6b153b60e484cde98999:1643796943.6994"
last-modified: Wed, 02 Feb 2022 10:15:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 41424
cache-control: max-age=3600
expires: Tue, 06 Sep 2022 09:14:38 GMT
date: Tue, 06 Sep 2022 08:14:38 GMT
access-control-allow-origin: https://www.alfaromeo.it
timing-allow-origin: *
X-Firefox-Spdy: h2
www.alfaromeo.it/content/dam/moc/alfa-romeo/toolbar/logo_alfaromeo.png
104.110.22.116200 OK 26 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/alfa-romeo/toolbar/logo_alfaromeo.png
IP 104.110.22.116:0
File type PNG image data, 144 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 370b64d8e78a86139f496ddcca86cb2f
7007cc93feea51e97fe979f943665aa2e41631a8
94d36fc31ada0fb9d2e496c8532d8f8be3e1c6edd6e6c965d3e401bd97175a1d
GET /content/dam/moc/alfa-romeo/toolbar/logo_alfaromeo.png HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/png
etag: "64a6-5e78bfecef640"
last-modified: Wed, 31 Aug 2022 16:29:05 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 06 Sep 2022 08:14:38 GMT
content-length: 25534
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/clientlibs_autocomplete_here.b06e2fa06a3ad801283134670f0a508a.js
104.110.22.116200 OK 4.1 kB URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/clientlibs_autocomplete_here.b06e2fa06a3ad801283134670f0a508a.js
IP 104.110.22.116:0
File type ASCII text, with very long lines (1678), with CRLF line terminators
Hash 4277f63edce90a7e069fc6a3db9bf574
fcc6e8c049483a779b96effc7e5269a35932a1d6
a552802a0e35191a540259743b05a60665ea0b6ef1dd1a899f6aa2a7712f5230
GET /etc.clientlibs/moc/clientlibs/clientlibs_autocomplete_here.b06e2fa06a3ad801283134670f0a508a.js HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
content-encoding: br
etag: "40c1-5b553ccd557c0-gzip"
last-modified: Mon, 05 Sep 2022 12:44:35 GMT
server: Akamai Resource Optimizer
x-content-type-options: nosniff
x-dispatcher: dispatcher1eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 4116
cache-control: max-age=535100
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3df811ac19fde08f49ef246c29cef161
e1c8d54b357adaf32e80427028cc884fa35959e0
e2749178e0bf0c4045a96388a58029ddd92d13a866021737864cd68e11317292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alfaromeo.it/content/dam/moc/style/alfaromeo/fixes.css
104.110.22.116200 OK 5.7 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/style/alfaromeo/fixes.css
IP 104.110.22.116:0
File type CSV text\012- , Unicode text, UTF-8 text
Hash e85a8fd88401168be3ea9bfe8d17b271
72672a9b1664ef2b9782f6eb6b4f137f90000c33
7bfc32761161f221569a827a423235c19ae9444607a6681cfec7913c9634d2ad
GET /content/dam/moc/style/alfaromeo/fixes.css HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-disposition: attachment
content-encoding: br
etag: "94b0-5e542c6b66e00-gzip"
last-modified: Mon, 05 Sep 2022 12:41:29 GMT
server: Akamai Resource Optimizer
x-content-type-options: nosniff
x-dispatcher: dispatcher1eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 5650
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-browser/0.1.0/jquery.browser.min.js
104.17.24.14200 OK 868 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-browser/0.1.0/jquery.browser.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2237)
Hash 2f133778b92c1b9e199afa347c014d63
cd0ab55ccb81573c5b45b171f1645694f3bb2a75
58928a507f376870938cf59d6aea327107afa7ecca63241fe731320be833533b
GET /ajax/libs/jquery-browser/0.1.0/jquery.browser.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 868
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-a23"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1678182
expires: Sun, 27 Aug 2023 08:14:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BohbTrZ2%2BNokzN1AFN3uFN17prIbg6NWSTCyESeEqBLGIoLKODC5kmfvtNt%2FRpsEI6SORWNHtO7KiSuyvsa%2BKZfJGhQV%2FLcfe9H5k6z75J8kIySSc3%2FnaYMLTQZCOFbeFaPOEPrq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7465c093ecba0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.alfaromeo.it/content/dam/moc/style/alfaromeo/core-header-footer.js
104.110.22.116200 OK 30 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/style/alfaromeo/core-header-footer.js
IP 104.110.22.116:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c02d1ad87426fb443d7cf95af853005e
8771ed9d1976ff401d841d3f1dba17e5b182405e
f25fb92cd2f187ef6b1881a0fbc69c8f682dbf3ceba4887bf6f2cf9601cc28f7
GET /content/dam/moc/style/alfaromeo/core-header-footer.js HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-disposition: attachment
content-encoding: br
etag: "1821b-5e0ca26a64600-gzip"
last-modified: Mon, 05 Sep 2022 12:52:26 GMT
server: Akamai Resource Optimizer
x-content-type-options: nosniff
x-dispatcher: dispatcher1eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 29601
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/angular-translate/2.15.1/angular-translate.min.js
104.17.24.14200 OK 6.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/angular-translate/2.15.1/angular-translate.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (23860)
Hash 8c067ad4ce2b780148ef753e550e785d
423869576c017cd5cbceea3b7ae31ff705cf2e51
329dcaa165a450f2d237beaa82f5c326bcd9e549c86c5350faa131d946076445
GET /ajax/libs/angular-translate/2.15.1/angular-translate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 6699
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d23-5dba"
last-modified: Mon, 04 May 2020 16:04:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5495458
expires: Sun, 27 Aug 2023 08:14:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZ%2FDDRNtt0fAYusYmahGZICznwnn3nD%2B2BPKEcySN5BmlQxWA%2FoJuvJZCymuCVakVQyfzdf1kRz9ToP0FQCev5lZNinm2cRWMt5lrJNy2Fv1pgTNUEJfOkrHyp5Tl44E%2Fg5SC3a3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7465c093fcc70afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/head.min.js
104.110.22.116200 OK 71 kB URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/head.min.js
IP 104.110.22.116:0
File type ASCII text, with very long lines (32065), with CRLF line terminators
Hash 78aec6ce0cd256801ade13d85b62cdfe
d2adafb0f4c09998e1c080ca8d46b6cef0f5f6cc
c00cee36c06538d7ae1ce8fd8a904895736abb3e25182f3c2092bfec34e4de01
GET /etc.clientlibs/moc/clientlibs/head.min.js HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
content-encoding: br
etag: "47708-58e93947b5280-gzip"
last-modified: Mon, 05 Sep 2022 12:50:04 GMT
server: Akamai Resource Optimizer
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 71229
cache-control: no-cache
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/angular-i18n/1.6.6/angular-locale_it-it.js
104.17.24.14200 OK 895 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/angular-i18n/1.6.6/angular-locale_it-it.js
IP 104.17.24.14:0
Hash 74810c50f3e08a95d926d18bcbbfda57
4df15e530c59a4b79b99ebfc8a20140d19b929c2
92aa58da0b33ef8fa34f15cad7b405d1dc97b0b629ea4ffcaaf03636e31fe844
GET /ajax/libs/angular-i18n/1.6.6/angular-locale_it-it.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 895
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d21-ad3"
last-modified: Mon, 04 May 2020 16:04:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 74996
expires: Sun, 27 Aug 2023 08:14:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94L%2FJ9G%2F%2Bvf%2FW25EFUC9x13Ah5w7E167NogXneCmJEeIF%2Bo5bc8lR%2FIz4bJRyleMrFqT6kFV5OH4ykITteUDJL%2FVt7Oy20VOsd5pgra8Lxp2hK8PuPv6m3kSeqgQSdHTWIqr1Pz2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7465c0945d1b0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=explicit&hl=it&?render=explicit
142.250.74.164200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=it&?render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (852), with no line terminators
Hash b51e117ac4483bd36664ec981ef38086
aeb60bde55d05d0a25c7d723cda10aa4fc4bd576
d8f214ccbc38a9a6e4962748e6c33f501a9201a8ad3dae8ce62bc4d611392ec2
GET /recaptcha/api.js?render=explicit&hl=it&?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 08:14:38 GMT
date: Tue, 06 Sep 2022 08:14:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs.min.js
104.110.22.116200 OK 258 kB URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs.min.js
IP 104.110.22.116:0
File type Unicode text, UTF-8 text, with very long lines (14756), with CRLF, LF line terminators
Size 258 kB (258377 bytes)
Hash bbf9b6d4fc3f3eaa36fda4fb3539f44e
9878ccacd70d8d4857cc041b637ec67efeee4aa0
0f4e9b394499b7990d63cde4b041c34145bc51036eb47f467770af27c5db3773
GET /etc.clientlibs/moc/clientlibs/crossclientlibs.min.js HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
content-encoding: br
etag: "2761eb-5e0c6fc9f5480-gzip"
last-modified: Mon, 05 Sep 2022 12:33:05 GMT
server: Akamai Resource Optimizer
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 258377
cache-control: no-cache
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/angularjs/1.6.3/angular.min.js
216.58.211.10200 OK 59 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/angularjs/1.6.3/angular.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (566)
Hash ac43dda3ff93276971d7067fb5d91bc1
ea43575f4df3c873a57795b9fe62a9224dbda30a
8c5c748fef05082d83d2b38128eca4ae5fffb6935dfa3007bb78f1b60081c286
GET /ajax/libs/angularjs/1.6.3/angular.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 58905
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:58:24 GMT
expires: Thu, 31 Aug 2023 05:58:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 526574
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cookielaw.emea.fcagroup.com/CookieLawProduct/resources/generatejs?key=1469
23.36.79.9200 OK 4.3 kB URL HTTP/2 cookielaw.emea.fcagroup.com/CookieLawProduct/resources/generatejs?key=1469
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Hash 262f1605cdc0a88626e93430311d50cb
65449322e6559c609bb6413514d2556fa0b3ef47
bf4a10590d6640cffe1f42572201659b491cce0aa1e5f63a66ec0a4419a82fec
GET /CookieLawProduct/resources/generatejs?key=1469 HTTP/1.1
Host: cookielaw.emea.fcagroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript;charset=UTF-8
content-length: 4313
server: Apache
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
date: Tue, 06 Sep 2022 08:14:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cookielaw.emea.fcagroup.com/CookieLawProduct/resources/generatecss?key=1469
23.36.79.9200 OK 0 B URL HTTP/2 cookielaw.emea.fcagroup.com/CookieLawProduct/resources/generatecss?key=1469
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /CookieLawProduct/resources/generatecss?key=1469 HTTP/1.1
Host: cookielaw.emea.fcagroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 0
server: Apache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/alfaromeoclientlibs.min.2be74da0942cdf76d7f67197f0c04d86.css
104.110.22.116200 OK 471 B URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/alfaromeoclientlibs.min.2be74da0942cdf76d7f67197f0c04d86.css
IP 104.110.22.116:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
GET /etc.clientlibs/moc/clientlibs/alfaromeoclientlibs.min.2be74da0942cdf76d7f67197f0c04d86.css HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=utf-8
accept-ranges: bytes
content-encoding: br
etag: "2733a7-5e52a8c5f5b80-gzip"
last-modified: Mon, 05 Sep 2022 12:49:16 GMT
server: Akamai Resource Optimizer
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 165207
cache-control: no-cache
date: Tue, 06 Sep 2022 08:14:38 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e087a18bec654e80b0c5c0841fa5072a
73bf93742db94be64ad8f0f85344ebcec330887c
09b7185ee7b123153aaf1312191b69732aec1cef7324dff619cf246e3a18c7f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 08:14:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 01:33:55 GMT
Expires: Mon, 12 Sep 2022 01:33:54 GMT
Etag: "73bf93742db94be64ad8f0f85344ebcec330887c"
Cache-Control: max-age=493754,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7465c095af69b50f-OSL
scripts.psyma.com/scripts/abit/abit_alfaromeo.php
62.138.197.250200 OK 519 B URL HTTP/1.1 scripts.psyma.com/scripts/abit/abit_alfaromeo.php
IP 62.138.197.250:0
ASN #61157 PlusServer GmbH
Hash a5e150796c94a489a772093fe69ca6d1
a03d006945ffbab0a86346830d8dd43f338ae1a6
8390ba7d52de22508c86afe78ac5a2a777544452ae38243fcb5379e010f7eded
GET /scripts/abit/abit_alfaromeo.php HTTP/1.1
Host: scripts.psyma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-type: text/javascript;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 06 Sep 2022 08:14:39 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Security-Policy: default-src 'self', default-src 'self'; style-src 'unsafe-inline' 'self'; script-src 'unsafe-inline' 'self'; img-src 'self' 'unsafe-eval'
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self'; style-src 'unsafe-inline' 'self'; script-src 'unsafe-inline' 'self'; img-src 'self' 'unsafe-eval'
Referrer-Policy: same-origin
Access-Control-Allow-Origin: *
Content-Length: 519
Date: Tue, 06 Sep 2022 08:14:39 GMT
Server: WebServer
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alfaromeo.it/content/dam/moc/common/private/libretto%20img.png
104.110.22.116404 Not Found 513 B URL HTTP/2 www.alfaromeo.it/content/dam/moc/common/private/libretto%20img.png
IP 104.110.22.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 38541e4a8e843e9fa2c3d0b231acea9a
f6bcbf9c427ca1540880c9803b4259dc31a1a752
11590dbbd7b253f85ce3cdfe3e98ab25b8b4d376f5b42987723de48431709334
GET /content/dam/moc/common/private/libretto%20img.png HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 513
date: Tue, 06 Sep 2022 08:14:39 GMT
X-Firefox-Spdy: h2
www.alfaromeo.it/mopar/%7B%7Bcar.model.extension.image%7D%7D
104.110.22.116404 Not Found 62 kB URL HTTP/2 www.alfaromeo.it/mopar/%7B%7Bcar.model.extension.image%7D%7D
IP 104.110.22.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3285), with CRLF, LF line terminators
Hash 3b6955ed2b4684631c79b1faa7c3493d
34c988fed84cb280e73f47a4fbf674c6cbb54a92
6e82d6c82bd4438311efea8e207976b53d22a44b97e4356e38e575746e73ad9f
GET /mopar/%7B%7Bcar.model.extension.image%7D%7D HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-encoding: gzip
content-type: text/html;charset=utf-8
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 62488
date: Tue, 06 Sep 2022 08:14:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
href.li/?https://cntr.click/hL1dcap
192.0.78.27200 OK 40 kB URL HTTP/2 href.li/?https://cntr.click/hL1dcap
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 45e5f0c8d9c4c7c72a0972c5bbabb427
ee4e22ded1189ae9d68646fb13fa9c81f1152aa6
da5f32a32277f848a91bb83df5ccbd247d2acdd8af02393197579457a491e113
GET /?https://cntr.click/hL1dcap HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:36 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
www.alfaromeo.it/content/dam/moc/alfa-romeo/it/1920x465_desktop.png
104.110.22.116200 OK 104 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/alfa-romeo/it/1920x465_desktop.png
IP 104.110.22.116:0
File type JPEG image data, baseline, precision 8, 1920x465, components 3\012- data
Size 104 kB (103488 bytes)
Hash a0df184f6a8fad16967797f0e02eb1b2
0f8f898fcfc98caf5e41e2f4ab6c92e24f7b42eb
2ab166269980b919d5b6064e214c89313a684764968c7e8332f5a40bae9d8419
GET /content/dam/moc/alfa-romeo/it/1920x465_desktop.png HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/png
etag: "1a35e-5c2957d521400"
last-modified: Tue, 18 May 2021 07:16:32 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 06 Sep 2022 08:14:39 GMT
content-length: 103488
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/fonts/sequel100black-45-webfont.woff2
104.110.22.116404 Not Found 0 B URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/fonts/sequel100black-45-webfont.woff2
IP 104.110.22.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etc.clientlibs/moc/clientlibs/crossclientlibs/resources/fonts/sequel100black-45-webfont.woff2 HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.alfaromeo.it/etc.clientlibs/moc/clientlibs/alfaromeoclientlibs.min.2be74da0942cdf76d7f67197f0c04d86.css
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 0
date: Tue, 06 Sep 2022 08:14:39 GMT
X-Firefox-Spdy: h2
cookielaw.emea.fcagroup.com/CookieLawProduct/resources/generatehtml?key=1469
23.36.79.9200 OK 191 kB URL HTTP/2 cookielaw.emea.fcagroup.com/CookieLawProduct/resources/generatehtml?key=1469
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 191 kB (191033 bytes)
Hash efa58702a468e54b8cc9e3a0f7a94dc0
15b2dd01167558b49f8dd4640847b787a4996f21
ff9d69526baa4cf0e0722c5575265113568386a4daa628bf6cffbfbd85a5a4b5
GET /CookieLawProduct/resources/generatehtml?key=1469 HTTP/1.1
Host: cookielaw.emea.fcagroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
server: Apache
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
content-length: 191033
date: Tue, 06 Sep 2022 08:14:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/alfaromeo/favicon.ico
104.110.22.116200 OK 9.0 kB URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/alfaromeo/favicon.ico
IP 104.110.22.116:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash f137297778eccceae119a66b2635b440
712bf1b95e8e02611c7a9058277817fafbbdc067
341352f2463d0430199dfd4ec3ad9373a438cf3cc9205f76198c765857235a10
GET /etc.clientlibs/moc/clientlibs/crossclientlibs/resources/alfaromeo/favicon.ico HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/vnd.microsoft.icon
etag: "423e-58e93946c1040-gzip"
last-modified: Fri, 26 Jul 2019 11:09:45 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 8970
cache-control: public, max-age=86400
date: Tue, 06 Sep 2022 08:14:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
js.api.here.com/v3/3.1/mapsjs-core.js
54.230.111.50200 OK 264 kB URL HTTP/2 js.api.here.com/v3/3.1/mapsjs-core.js
IP 54.230.111.50:0
Size 264 kB (264309 bytes)
Hash fa04a3ac1b932c611328a91fd82df7be
bd08491fc4dd131a129cf55fabec9a9bb7a9aa26
04f300a1d7d17dbfdb82bb12dab23fecdc09557c675d7fbe0fbf78eef636b879
GET /v3/3.1/mapsjs-core.js HTTP/1.1
Host: js.api.here.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Sep 2022 18:34:10 GMT
last-modified: Wed, 31 Aug 2022 15:16:58 GMT
etag: W/"d05b9ef80b131affefc72ea8d2e855b1"
cache-control: no-cache
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RLpS_EQWLCSqBewyBoTZt6oeDYqSf1tT81QIW6dzI7ZzddO44cUpMQ==
age: 49229
X-Firefox-Spdy: h2
trust.roiandco.com/aff_i?offer_id=21986&aff_id=2305&file_id=126207
104.21.27.101200 OK 22 kB URL HTTP/2 trust.roiandco.com/aff_i?offer_id=21986&aff_id=2305&file_id=126207
IP 104.21.27.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash e94b1435c1083fcd6f1f209d64a51618
0bb41c9d8c1b25cd18267f9b0dc8b6d40fae7a38
5e84af70a54a612ca0bc3499248ca885ab1538d5ae4de1fef1672608713fd49e
GET /aff_i?offer_id=21986&aff_id=2305&file_id=126207 HTTP/1.1
Host: trust.roiandco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rdl.altervista.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
tracking_id: 102835f88d8ec5f2d98f98e42f384e
access-control-allow-origin: *
x-request-id: 7deeb234342fd96b4a670c9f913643b5
access-control-allow-headers: Tune-SDK-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqlAnTnCWcymnR3n9t9h5Clt2Crb0dvnk5mHWA1NC3pNKs%2B2C7LZSiBcyYCwDGrmjo%2F35Zo5c80%2FZS%2FkXlvcD8pfwYb3KSxHpGIJdomgjc8dsAmf%2BpsPCE3Wuzqi83mylz85CF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7465c07ebfdab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/fonts/sequel100black-45-webfont.woff
104.110.22.116404 Not Found 0 B URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/fonts/sequel100black-45-webfont.woff
IP 104.110.22.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etc.clientlibs/moc/clientlibs/crossclientlibs/resources/fonts/sequel100black-45-webfont.woff HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.alfaromeo.it/etc.clientlibs/moc/clientlibs/alfaromeoclientlibs.min.2be74da0942cdf76d7f67197f0c04d86.css
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: application/font-woff
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 0
date: Tue, 06 Sep 2022 08:14:39 GMT
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__it.js
142.250.74.163200 OK 159 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__it.js
IP 142.250.74.163:0
File type HTML document, ASCII text, with very long lines (634)
Size 159 kB (159067 bytes)
Hash f33d78c489a0cd74f33f574509830677
3b5d833029263ccce20519669c76491e2a2eb948
29d270ae68fe5a7d4f4f7bf7a9a828ea44f163a3a771c216ed20e6cbf4560687
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__it.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.alfaromeo.it
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159067
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 23:22:23 GMT
expires: Sat, 02 Sep 2023 23:22:23 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
age: 291136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 08:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alfaromeo.it/content/dam/moc/common/zerosorprese/loader/alfaromeo/alfa-romeo-car.png
104.110.22.116200 OK 5.8 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/common/zerosorprese/loader/alfaromeo/alfa-romeo-car.png
IP 104.110.22.116:0
File type PNG image data, 175 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 86186a63132be30085dbddbf96d18210
d378bb824c9195e185a837e79157b8b137e6b639
5b1f4baf0d6d0a5df7de58b917c9d74ed9cce788591ba06b81f8ea1b0ab1b32a
GET /content/dam/moc/common/zerosorprese/loader/alfaromeo/alfa-romeo-car.png HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/png
etag: "16c0-580847e62dd00"
last-modified: Mon, 28 Jan 2019 13:17:08 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 06 Sep 2022 08:14:39 GMT
content-length: 5847
X-Firefox-Spdy: h2
www.alfaromeo.it/content/dam/moc/common/zerosorprese/icons/lp/alfaromeo/Reading_s.png
104.110.22.116200 OK 3.5 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/common/zerosorprese/icons/lp/alfaromeo/Reading_s.png
IP 104.110.22.116:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a90d27d2cdb75f3cc3f997b5e5b74409
c45648ace699495b5ea90e1ed8521371a041fbc8
b85e6956e55dd69dbaab46cd995ff3e48fc1788d68641175c8b795ce78967c6c
GET /content/dam/moc/common/zerosorprese/icons/lp/alfaromeo/Reading_s.png HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/png
etag: "da6-57fa964915540"
last-modified: Thu, 17 Jan 2019 15:53:17 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 06 Sep 2022 08:14:40 GMT
content-length: 3517
X-Firefox-Spdy: h2
www.alfaromeo.it/content/dam/moc/common/zerosorprese/icons/lp/alfaromeo/Handshake_s.png
104.110.22.116200 OK 4.0 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/common/zerosorprese/icons/lp/alfaromeo/Handshake_s.png
IP 104.110.22.116:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash c9a1efe4c978a47ce92c1b6199c871cb
0daf6ae3cae4d0c4e55f28639495e1b7a2318cbc
21f5e64c47f00f8adad193dd27d60354ea38b3d1f82ce07314f852f96230f5d4
GET /content/dam/moc/common/zerosorprese/icons/lp/alfaromeo/Handshake_s.png HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/png
etag: "f89-57fa964915540"
last-modified: Thu, 17 Jan 2019 15:53:17 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 06 Sep 2022 08:14:40 GMT
content-length: 4000
X-Firefox-Spdy: h2
js.api.here.com/v3/3.1/mapsjs-mapevents.js
54.230.111.50200 OK 40 kB URL HTTP/2 js.api.here.com/v3/3.1/mapsjs-mapevents.js
IP 54.230.111.50:0
Hash 90e5f32d382fdcb8c29fa08e3cd2bb7b
942e5994e5cfa90a57a85842d1c76856d69ff2bb
afc7733612e80cc9a7d311461f932d3feaeb365f8ee0588df0e6b7ea92f28210
GET /v3/3.1/mapsjs-mapevents.js HTTP/1.1
Host: js.api.here.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Sep 2022 18:34:10 GMT
last-modified: Wed, 31 Aug 2022 15:16:58 GMT
etag: W/"888512365a6412c604cbee480ac545fc"
cache-control: no-cache
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HPirLidn2yNVlbcrlNi1ARfNdzWKHtu2KMTT_yRv7x_MxnkmEDzG7Q==
age: 49229
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.110200 OK 123 kB URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.110:0
File type ASCII text, with very long lines (509)
Size 123 kB (123378 bytes)
Hash 881577a0853f48b871daddfd5c5a93cb
8584ba4075d67df195bc42ffb55a86c3bf58bf36
92dc722c4d9f93a44b31591ae1b10893be6fc05b7400e87a7c471973a41e0024
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 06 Sep 2022 08:14:39 GMT
date: Tue, 06 Sep 2022 08:14:39 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=3nYVFGGOy28; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Nxrv0Cm2QBo; Domain=.youtube.com; Expires=Sun, 05-Mar-2023 08:14:39 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+279; expires=Thu, 05-Sep-2024 08:14:39 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.adobedtm.com/abfd6fce1729/8badb9bcb363/28c327bdb150/RCddf8fc50f84a40bda404faafdbdc93fd-source.min.js
23.38.200.237200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/abfd6fce1729/8badb9bcb363/28c327bdb150/RCddf8fc50f84a40bda404faafdbdc93fd-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (4377)
Hash 91443b34220479fe04ee448a1d631750
6fb4afa5dac31c652ed097ad0e11206f3e594685
e261d59faa3153dc13f599bbcbfe15d84d3940a83e54bdb4b0e4697c8e76c0e6
GET /abfd6fce1729/8badb9bcb363/28c327bdb150/RCddf8fc50f84a40bda404faafdbdc93fd-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2520f92673d76320b659b9104d53a823:1643796944.373227"
last-modified: Wed, 02 Feb 2022 10:15:44 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1081
cache-control: max-age=3600
expires: Tue, 06 Sep 2022 09:14:40 GMT
date: Tue, 06 Sep 2022 08:14:40 GMT
access-control-allow-origin: https://www.alfaromeo.it
timing-allow-origin: *
X-Firefox-Spdy: h2
js.api.here.com/v3/3.1/mapsjs-ui.css
54.230.111.50200 OK 3.9 kB URL HTTP/2 js.api.here.com/v3/3.1/mapsjs-ui.css
IP 54.230.111.50:0
Hash 6475e10d474a0e9556c8573b19694f8e
6d80fd802e682b3448a98b2a98cf3437d7199660
ad2564da6003be6f3ebf12fb3dbee321a953750b24478f6e3db2609694bf3e4b
GET /v3/3.1/mapsjs-ui.css HTTP/1.1
Host: js.api.here.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 31 Aug 2022 15:16:58 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 05 Sep 2022 15:22:41 GMT
cache-control: no-cache
etag: W/"af163f1140ee06b05bcc6ef2255420da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YTqGe5mX7RPth1Z8Bnnx_xFwhgMRh7yV37ILGl61puwTgEQJ_NahdQ==
age: 60718
X-Firefox-Spdy: h2
www.alfaromeo.it/content/dam/moc/style/alfaromeo/fonts/sequel100black-45-webfont.woff2
104.110.22.116200 OK 20 kB URL HTTP/2 www.alfaromeo.it/content/dam/moc/style/alfaromeo/fonts/sequel100black-45-webfont.woff2
IP 104.110.22.116:0
File type Web Open Font Format (Version 2), TrueType, length 20428, version 1.0\012- data
Hash 5f24441db72940d2d43014a6229b024d
28f26f66a07fdf199e049adb7f798987c43c5276
2d957db63cc195ea7ea45ea5b3c36aea53a870658d6af9a6fe3ff4b8393ae14e
GET /content/dam/moc/style/alfaromeo/fonts/sequel100black-45-webfont.woff2 HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.alfaromeo.it/content/dam/moc/style/alfaromeo/core-header-footer.css
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-disposition: attachment; filename="sequel100black-45-webfont.woff2"
content-type: application/octet-stream
etag: "4fcc-5e0ca2908a000-gzip"
last-modified: Mon, 06 Jun 2022 16:42:40 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
vary: Accept-Encoding
date: Tue, 06 Sep 2022 08:14:40 GMT
content-length: 20428
X-Firefox-Spdy: h2
assets.adobedtm.com/abfd6fce1729/8badb9bcb363/28c327bdb150/RC01acd180c33047bfa44c9b7c732041c7-source.min.js
23.38.200.237200 OK 339 B URL HTTP/2 assets.adobedtm.com/abfd6fce1729/8badb9bcb363/28c327bdb150/RC01acd180c33047bfa44c9b7c732041c7-source.min.js
IP 23.38.200.237:0
File type exported SGML document, ASCII text, with very long lines (419)
Hash f02fe762884c09fa26172ff9a5c5986c
7bb6f47d36bfae3f8d95b35c66ee4a6cd7d57edc
5219985d48fd83adb4dc4d696907884d10bea311a1c1d72c2c3b9cbdafd1fc2c
GET /abfd6fce1729/8badb9bcb363/28c327bdb150/RC01acd180c33047bfa44c9b7c732041c7-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2520f92673d76320b659b9104d53a823:1643796944.373227"
last-modified: Wed, 02 Feb 2022 10:15:44 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 339
cache-control: max-age=3600
expires: Tue, 06 Sep 2022 09:14:40 GMT
date: Tue, 06 Sep 2022 08:14:40 GMT
access-control-allow-origin: https://www.alfaromeo.it
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/abfd6fce1729/f06947a6cc7e/launch-a6d76139feaf.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/abfd6fce1729/f06947a6cc7e/launch-a6d76139feaf.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32760)
Hash 4dbec3833ab5f440de28a3df612462b6
7077821f5c46c175c73d7c5d373cebf800b422c9
86816e2f9102ce35f2c074b9817f93cbe2e58902ffae29c14f90c5f3175c60d3
GET /abfd6fce1729/f06947a6cc7e/launch-a6d76139feaf.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cookielaw.emea.fcagroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7484ac749ebece047c75136e5c5d456b:1620816270.911551"
last-modified: Wed, 12 May 2021 10:44:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 11900
cache-control: max-age=3600
expires: Tue, 06 Sep 2022 09:14:40 GMT
date: Tue, 06 Sep 2022 08:14:40 GMT
access-control-allow-origin: https://cookielaw.emea.fcagroup.com
timing-allow-origin: *
X-Firefox-Spdy: h2
www.alfaromeo.it/mopar
104.110.22.116200 OK 70 kB IP 104.110.22.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3285), with CRLF, LF line terminators
Hash 14e2d31d5e66d756a83aabc7b421ba16
baee6f1a60e6351a72486e28589277260cfe46d9
a4a507018b29098bf6495b49e3278b38d0d75ac97814271ac7bd82f9cbde4022
GET /mopar HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Connection: keep-alive
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; s_dmk=DIRECT EMAILING|MC27156342_MOPAR_PERFORMANCE_2022-1-01_2022-12-31_RANGE_IT_9999_NONE||
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=utf-8
etag: W/"7c398-5e7fc1727eb1b-gzip"
last-modified: Tue, 06 Sep 2022 06:13:09 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 70026
cache-control: no-cache
date: Tue, 06 Sep 2022 08:14:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
href.li/?http://kroffers.it/campaign/Lexus%20CPM%20G3%20Iva%20Settembre%202022_UX_IVARD/Lexus_CPM_G3_Iva_Settembre_2022__Krumbo_Marketing_LTD-Krumbo_Marketing.html
192.0.78.27200 OK 1.2 kB URL HTTP/2 href.li/?http://kroffers.it/campaign/Lexus%20CPM%20G3%20Iva%20Settembre%202022_UX_IVARD/Lexus_CPM_G3_Iva_Settembre_2022__Krumbo_Marketing_LTD-Krumbo_Marketing.html
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (369)
Hash aecc6b19bd390cca6913e47ac93d61ca
2aa8f02196f66deed0a5743b01d81baeb13f3c70
a3316fe7c6f705ad85d04f4236d468c50754786a791af0bd289b8b577fa68611
GET /?http://kroffers.it/campaign/Lexus%20CPM%20G3%20Iva%20Settembre%202022_UX_IVARD/Lexus_CPM_G3_Iva_Settembre_2022__Krumbo_Marketing_LTD-Krumbo_Marketing.html HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2
www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/templates/modal/promotion-category-modal.html
104.110.22.116200 OK 382 B URL HTTP/2 www.alfaromeo.it/etc.clientlibs/moc/clientlibs/crossclientlibs/resources/templates/modal/promotion-category-modal.html
IP 104.110.22.116:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d1b86e8c6ff131818b8376bab4ef2604
ebe98bfa218bc66d2c09b5c07788edc2d660b391
ed1d6defd1b1ee6291f909a4d5b0b526ae3ab8fc882cd4eafc30fcb2663cb78b
GET /etc.clientlibs/moc/clientlibs/crossclientlibs/resources/templates/modal/promotion-category-modal.html HTTP/1.1
Host: www.alfaromeo.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/mopar/zerosorprese-tagliandissimo?vvk_uuid=vvk7e31206dd5e7906364f7&source=DIRECT_EMAILING&model=RANGE&campaignid=MC27156342_MOPAR_Performance_2022-1-01_2022-12-31_RANGE_IT_9999_NONE&advertiserid=LionAdnet2IT&bannerid=1x1_328923418&publisher=LionAdnet2IT&dclid=CJfIqszc__kCFSFEwgodVpQOHQ&nclid=WT7IP-bikeMxOb-Lyp59OvnJ_ztWJp3cclx8Z0ygoia8aVRSklRBORiYmOELj3Id
Cookie: AWSELB=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; AWSELBCORS=73C3370F181EFDC90795F65BCA66D1E68F5C030E01C4E7A4F0A202266105C1FA34A7D7286A551BA7C9FA8BFEF1DAA5F4257906BB495BBDEA61A23E28BB4C0C874A5EBB92E5; s_dmk=DIRECT EMAILING|MC27156342_MOPAR_PERFORMANCE_2022-1-01_2022-12-31_RANGE_IT_9999_NONE||
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/html; charset=UTF-8
etag: "431-58e93946c1040-gzip"
last-modified: Fri, 26 Jul 2019 11:09:45 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2eucentral1
x-frame-options: SAMEORIGIN
x-vhost: publish-owners.mopar.eu
content-length: 382
cache-control: public, max-age=86390
date: Tue, 06 Sep 2022 08:14:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
js.api.here.com/v3/3.1/mapsjs-service.js
54.230.111.50200 OK 0 B URL HTTP/2 js.api.here.com/v3/3.1/mapsjs-service.js
IP 54.230.111.50:0
GET /v3/3.1/mapsjs-service.js HTTP/1.1
Host: js.api.here.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Sep 2022 18:34:10 GMT
last-modified: Wed, 31 Aug 2022 15:16:58 GMT
etag: W/"4de5afcff9766123803f120b68332b86"
cache-control: no-cache
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5sWo9mW7b1AHY2JOIPW1ZWwYbvWGsETmQX2w6UoczooAhu7XTyfGXQ==
age: 49229
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=57649662;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234200 OK 0 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=57649662;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
GET /adfserve/?CC=1&bn=57649662;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kroffers.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=57638775;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=57638775;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
GET /adfserve/?bn=57638775;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=57638775;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 06-Oct-2022 08:14:35 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=57716071;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234200 OK 0 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=57716071;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
GET /adfserve/?CC=1&bn=57716071;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kroffers.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cntr.click/hL1dcap
217.160.0.221302 Found 0 B IP 217.160.0.221:0
Analyzer Verdict Alert quad9 Sinkholed
GET /hL1dcap HTTP/1.1
Host: cntr.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://www.linkclickcounter.com/url_redirect.php?c=hL1dcap
date: Tue, 06 Sep 2022 08:14:36 GMT
server: Apache
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=57694365;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=57694365;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
GET /adfserve/?bn=57694365;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=57694365;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 06-Oct-2022 08:14:35 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=57610977;1x1inv=1;srctype=3;ord=[timestamp]
37.157.2.234302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=57610977;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.2.234:0
GET /adfserve/?bn=57610977;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kroffers.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 08:14:35 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=57610977;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 06-Oct-2022 08:14:35 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.alfaromeo.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 08:14:38 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 11762885
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7465c0939919b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2