perfomail.it/cmpgi.php
65.109.89.174301 Moved Permanently 162 B IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cmpgi.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 08 Feb 2023 19:56:17 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://perfomail.it/cmpgi.php
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6443
Expires: Wed, 08 Feb 2023 21:43:41 GMT
Date: Wed, 08 Feb 2023 19:56:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8433
Expires: Wed, 08 Feb 2023 22:16:51 GMT
Date: Wed, 08 Feb 2023 19:56:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 19:34:13 GMT
content-type: application/json
age: 1325
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3024
Expires: Wed, 08 Feb 2023 20:46:42 GMT
Date: Wed, 08 Feb 2023 19:56:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yaeuARnrA+kSyBijEVttA+4SLprfV/Ajt3Tu3xRb/yWnaQNyZtLLuXclbuSkmu5vsR0b+oBLe5s=
x-amz-request-id: 5JGNXDB5KEDR73QZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 19:46:05 GMT
age: 613
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 837757269e2ff5bbab56d0cc35d6ccec
ef6bf290233b4da3f70fcec8278eb3578515e365
9a4c4fa65d0e34f1e4620139d8060c643db017a78367196cbe391672c200d53d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A4C4FA65D0E34F1E4620139D8060C643DB017A78367196CBE391672C200D53D"
Last-Modified: Wed, 08 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Feb 2023 01:56:18 GMT
Date: Wed, 08 Feb 2023 19:56:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 19:14:52 GMT
age: 2486
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8922
Expires: Wed, 08 Feb 2023 22:25:00 GMT
Date: Wed, 08 Feb 2023 19:56:18 GMT
Connection: keep-alive
perfomail.it/css/bootstrap-multiselect.css
65.109.89.174200 OK 834 B URL HTTP/2 perfomail.it/css/bootstrap-multiselect.css
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash e2337109fd0146146505f0be0bd45fb3
df2ff5104f3f50bda590b3f19e08ef1294eeef25
ffec79ca098b2c374ccd8d7e9644225425ea48c56ce4c2965cf31aecacf38a15
GET /css/bootstrap-multiselect.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-47c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
perfomail.it/css/bootstrap.min.css
65.109.89.174200 OK 20 kB URL HTTP/2 perfomail.it/css/bootstrap.min.css
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash b9cf2cd6b3ac183798e8b21017d4ff24
8a78affc5b132ce70c2294304b652128272b5065
9ae45e2b311b739f632bb26a1259bc2aefab7dcff50cbb236fc7bd160b6ad03f
GET /css/bootstrap.min.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-1bb5a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/css/bootstrap-theme.min.css
65.109.89.174200 OK 44 kB URL HTTP/2 perfomail.it/css/bootstrap-theme.min.css
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 9a2b75be3d78f1bd1f71d6053483c5f1
a7b8861fadabf80ab8d5d18afc024fd1da490314
dc64cd8a1a365e680d68337c9ad203ff61892dbe3d303c39747cb4c1e113f886
GET /css/bootstrap-theme.min.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-1e156"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/plugins/linkifyjs/linkify-jquery.min.js
65.109.89.174200 OK 1.8 kB URL HTTP/2 perfomail.it/plugins/linkifyjs/linkify-jquery.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 3efa92cae1c0fe69104b75b80047a7fb
cb9c07ffc7f3dff2be0bd9a9d66bad240868f30c
b68337fd3142db90e84ff3c29e2806fa7a247356102b170b0e6310f661ba518e
GET /plugins/linkifyjs/linkify-jquery.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-b42"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.49.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.49.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: onwbxHST9TFyFyHCG2Gzvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l50jOHtFkQt6AF/s+TTainTVEmw=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e8f4af1ab2d781b89a0d900fedcee2f
fb75556d7a3df88658af8baac5d82dd6e355854c
1e908e1c5caaea9e8ee76cf1bb7e95e1d25873e884373b334f2107874a357b50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E908E1C5CAAEA9E8EE76CF1BB7E95E1D25873E884373B334F2107874A357B50"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Wed, 08 Feb 2023 22:37:56 GMT
Date: Wed, 08 Feb 2023 19:56:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e8f4af1ab2d781b89a0d900fedcee2f
fb75556d7a3df88658af8baac5d82dd6e355854c
1e908e1c5caaea9e8ee76cf1bb7e95e1d25873e884373b334f2107874a357b50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E908E1C5CAAEA9E8EE76CF1BB7E95E1D25873E884373B334F2107874A357B50"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Wed, 08 Feb 2023 22:37:56 GMT
Date: Wed, 08 Feb 2023 19:56:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e8f4af1ab2d781b89a0d900fedcee2f
fb75556d7a3df88658af8baac5d82dd6e355854c
1e908e1c5caaea9e8ee76cf1bb7e95e1d25873e884373b334f2107874a357b50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E908E1C5CAAEA9E8EE76CF1BB7E95E1D25873E884373B334F2107874A357B50"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Wed, 08 Feb 2023 22:37:56 GMT
Date: Wed, 08 Feb 2023 19:56:19 GMT
Connection: keep-alive
perfomail.it/fonts/MuseoSans_700.woff
65.109.89.174200 OK 28 kB URL HTTP/2 perfomail.it/fonts/MuseoSans_700.woff
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, CFF, length 27548, version 1.1\012- data
Hash 16fd278ded0a4d419df03d07b7f5473d
2230567759046ef3fbe3de162139138d439f4886
8ca711bcc918b73de887d668d8b6a6045a22c478bdad43027b02dbbb5228da18
GET /fonts/MuseoSans_700.woff HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/css/main.css
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: application/font-woff
content-length: 27548
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
etag: "63a2f927-6b9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e8f4af1ab2d781b89a0d900fedcee2f
fb75556d7a3df88658af8baac5d82dd6e355854c
1e908e1c5caaea9e8ee76cf1bb7e95e1d25873e884373b334f2107874a357b50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E908E1C5CAAEA9E8EE76CF1BB7E95E1D25873E884373B334F2107874A357B50"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Wed, 08 Feb 2023 22:37:56 GMT
Date: Wed, 08 Feb 2023 19:56:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e8f4af1ab2d781b89a0d900fedcee2f
fb75556d7a3df88658af8baac5d82dd6e355854c
1e908e1c5caaea9e8ee76cf1bb7e95e1d25873e884373b334f2107874a357b50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E908E1C5CAAEA9E8EE76CF1BB7E95E1D25873E884373B334F2107874A357B50"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Wed, 08 Feb 2023 22:37:56 GMT
Date: Wed, 08 Feb 2023 19:56:19 GMT
Connection: keep-alive
perfomail.it/fonts/MuseoSans_300.woff
65.109.89.174200 OK 27 kB URL HTTP/2 perfomail.it/fonts/MuseoSans_300.woff
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, CFF, length 27004, version 1.1\012- data
Hash 6f6235ac93b26dfaaa894c33f519326e
904ea4b0f8eba4c66ffdc67cec77147af1619868
d405022076f5202dd097f0f64e4b725107f5af1b2c097a8ea8e4f8bdd60be786
GET /fonts/MuseoSans_300.woff HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/css/main.css
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: application/font-woff
content-length: 27004
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
etag: "63a2f927-697c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/hlGks.php
192.0.78.26200 OK 25 kB URL HTTP/2 href.li/?https://perfomail.it//web/hlGks.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 53f20eb805a21bb81303d2f348edef9f
9b89f7b3e9b78d18f9cd69f525a8a3979ef79a9e
812c52ed01f00f1deac7050ce7207abd02569a21b5ba6d7b64816b597e70580d
GET /?https://perfomail.it//web/hlGks.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/B5UKyugTYCM
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/B5UKyugTYCM
IP 142.250.74.163:0
Hash 157eefd40d9e3af5fc89b0cc2e2a05fd
430f2a9bbc40ea5aa0fcac723bc6126022605913
57de770235e9d5711053d5e5d9a4026f402d011b442f9d9124d82488b828ab6f
POST /s/gts1d4/B5UKyugTYCM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_CTA1.png
178.62.120.218200 OK 4.2 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_CTA1.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 446 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b6dfad668d4ceaa07bc25c4d4a817bd
640bd8263c95703ec7cc6d580ccdecf27c5f362b
1b41c82b8b9f2601fa194f9b5d10bff6830f2f7f699e46f20a6a6906c35fecb2
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_CTA1.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/png
Content-Length: 4152
Last-Modified: Tue, 31 Jan 2023 16:38:53 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441d-1038"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/cta.jpg
178.62.120.218200 OK 7.3 kB URL HTTP/1.1 performagency.it/upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/cta.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x70, components 3\012- data
Hash 5499c39a5690932dc5e0cf8f7efd463b
239bf07f15d995422c63b72c77b1308ab751ccf9
90e263709f8e4a05be7077056e7b58c6edf0185f3e36a92ed7bda5fa24751cb6
GET /upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/cta.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/jpeg
Content-Length: 7284
Last-Modified: Tue, 07 Feb 2023 15:08:32 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e26970-1c74"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
perfomail.it//web/3KVp9.php
65.109.89.174200 OK 37 kB URL HTTP/2 perfomail.it//web/3KVp9.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash fadc431ff0a3ec9f29fbf0329fc8b0f1
bdae68961758c2bc18c504b95a1ba9d5a16dd910
646d2a0a42a0ee4454946f9c8ee6a13b0358171d48ef7c69508ca182d5d4a9db
GET //web/3KVp9.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b5491b1c36845e52e6b2b1a86c266d60
9f7fb98dce608b7f50f6d529a550d2919d551a9d
e974f67585837852377b40e4339c2f23d26de6d2024931e94301a84e24b32861
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107542
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:19 GMT
Etag: "63e2ff79-117"
Expires: Fri, 10 Feb 2023 01:48:41 GMT
Last-Modified: Wed, 08 Feb 2023 01:48:41 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b5491b1c36845e52e6b2b1a86c266d60
9f7fb98dce608b7f50f6d529a550d2919d551a9d
e974f67585837852377b40e4339c2f23d26de6d2024931e94301a84e24b32861
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107542
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:19 GMT
Etag: "63e2ff79-117"
Expires: Fri, 10 Feb 2023 01:48:41 GMT
Last-Modified: Wed, 08 Feb 2023 01:48:41 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b5491b1c36845e52e6b2b1a86c266d60
9f7fb98dce608b7f50f6d529a550d2919d551a9d
e974f67585837852377b40e4339c2f23d26de6d2024931e94301a84e24b32861
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107542
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:19 GMT
Etag: "63e2ff79-117"
Expires: Fri, 10 Feb 2023 01:48:41 GMT
Last-Modified: Wed, 08 Feb 2023 01:48:41 GMT
Server: nginx
Content-Length: 279
performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/logo_header.png
178.62.120.218200 OK 4.7 kB URL HTTP/1.1 performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/logo_header.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 282 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash e943a79605b0c15b0b75513e5f8930a9
536ee091cbdb77172c8e898c855d5fad4438c545
4e288573e858543631ad68395acdc89535a05bf4d3c19ed84a3c7d03a350d411
GET /upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/logo_header.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/png
Content-Length: 4709
Last-Modified: Tue, 07 Feb 2023 15:50:27 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e27343-1265"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
perfomail.it/js/select2.full.min.js
65.109.89.174200 OK 26 kB URL HTTP/2 perfomail.it/js/select2.full.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash cee4329d8bf5fcdeef4fbaba081dc29c
6243bee87c76bf7551adb1559dfa34319d0ae92e
a124ecb8374bc66b772ba38a4bba42a0d39c2777a70ac48a42c44bd50f7521ca
GET /js/select2.full.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-124fd"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/GtzP9.php
192.0.78.26200 OK 14 kB URL HTTP/2 href.li/?https://perfomail.it//web/GtzP9.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ceba5dfe148efb62a15b955a26e44871
9f22e39217a53d0b7859bee5bb96bd9d480d45ee
92dd1b34c4d5f38686f2563719dbcd15c0336b413d023ae558e4e1b2417c7321
GET /?https://perfomail.it//web/GtzP9.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/IoD2U.php
192.0.78.26200 OK 22 kB URL HTTP/2 href.li/?https://perfomail.it//web/IoD2U.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 931c16e80f11a3b34609fb4869a4cc0d
7fd01d1f665f43a89f1c21466e18efd6d1b781ff
3c4be98c2f3a7ba1c55c087da3f40ea4ebd67c48dc08e65a700594aeed45d1dc
GET /?https://perfomail.it//web/IoD2U.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
mcusercontent.com/9deee72d471e043b22e2db019/images/1b4d3e0b-96da-079a-0dd5-2810db8e6172.jpg
34.96.122.219200 OK 182 kB URL HTTP/2 mcusercontent.com/9deee72d471e043b22e2db019/images/1b4d3e0b-96da-079a-0dd5-2810db8e6172.jpg
IP 34.96.122.219:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1200x628, components 3\012- data
Size 182 kB (181732 bytes)
Hash d4ea31665e4db9d41fc573a0b31e2a2d
c42c16dc270c509c2d4727515eeef3b218ad821b
c52f17923377841516c6256a210e486a44be5ad86b5fd5bdb57bcd7413f1c3c7
GET /9deee72d471e043b22e2db019/images/1b4d3e0b-96da-079a-0dd5-2810db8e6172.jpg HTTP/1.1
Host: mcusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduDGLYgs74Vk_4shbe8CIbNoAen9ErOXjSFf0XAy_6Jxd8rlFdTOE_KpK5asI3Q0kbb5FgvcVuTc-JuuEXm4qQ34tEoGQ79
expires: Wed, 08 Feb 2023 20:56:19 GMT
date: Wed, 08 Feb 2023 19:56:19 GMT
cache-control: public, max-age=3600
last-modified: Tue, 27 Dec 2022 09:30:13 GMT
etag: "d4ea31665e4db9d41fc573a0b31e2a2d"
x-goog-generation: 1672133413816978
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 181732
content-type: image/jpeg
x-goog-hash: crc32c=mewS2A==, md5=1OoxZl5NudQfxXOgsx4qLQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 181732
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
perfomail.it//web/oUTZ5.php
65.109.89.174200 OK 87 kB URL HTTP/2 perfomail.it//web/oUTZ5.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 015d4e01667985a1d6579f979999623d
954ae8cef8cb0f4a9a49be0a598b591dfcdb4a14
d553bfac33e7f9239d524fb9af1b2fb2870da9e844cc28fc294a4d934699ec26
GET //web/oUTZ5.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
tracking.perfoagy.com/aff_i?offer_id=1286&aff_id=1001&url_id=6164&file_id=4075
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1286&aff_id=1001&url_id=6164&file_id=4075
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1286&aff_id=1001&url_id=6164&file_id=4075 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1286=6164; expires=Thu, 09 Feb 2023 19:56:19 GMT; path=/; SameSite=None; Secure
Tracking_id: 102df531787be9d12b00a1fbb104b5
Access-Control-Allow-Origin: *
X-Request-Id: 3896bdcf126e8b8ee2b893c7ca5f5b1b
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
href.li/?https://perfomail.it//web/J0Hh7.php
192.0.78.26200 OK 7.5 kB URL HTTP/2 href.li/?https://perfomail.it//web/J0Hh7.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cbc2e6fce35099070cb42b15d0863ca2
8b992bee9ef5c96c7c05b3ae075dd906e1053069
f2176319c2dc54d932807dfa1422e93ddd126611148ca90837152ce17c2c9d56
GET /?https://perfomail.it//web/J0Hh7.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
tracking.perfoagy.com/aff_i?offer_id=1369&aff_id=1001&url_id=6689&file_id=4483
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1369&aff_id=1001&url_id=6689&file_id=4483
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1369&aff_id=1001&url_id=6689&file_id=4483 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1369=6689; expires=Thu, 09 Feb 2023 19:56:19 GMT; path=/; SameSite=None; Secure
Tracking_id: 102af082601aee9a2e2d2f6a308a69
Access-Control-Allow-Origin: *
X-Request-Id: c726ff54daba7afca363347e34d44a2b
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
tracking.perfoagy.com/aff_i?offer_id=1120&aff_id=1001&url_id=6561&file_id=4383
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1120&aff_id=1001&url_id=6561&file_id=4383
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1120&aff_id=1001&url_id=6561&file_id=4383 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1120=6561; expires=Thu, 09 Feb 2023 19:56:19 GMT; path=/; SameSite=None; Secure
Tracking_id: 102739f03dd7192e380c66545694a4
Access-Control-Allow-Origin: *
X-Request-Id: 647da311ed4ae9a7b8490232aece4ee2
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
tracking.perfoagy.com/aff_i?offer_id=1221&aff_id=1001&url_id=6666&file_id=4467
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1221&aff_id=1001&url_id=6666&file_id=4467
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1221&aff_id=1001&url_id=6666&file_id=4467 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1221=6666; expires=Thu, 09 Feb 2023 19:56:19 GMT; path=/; SameSite=None; Secure
Tracking_id: 1027076389963da2e482d79e038d1f
Access-Control-Allow-Origin: *
X-Request-Id: e1e6e64de1aa467ec23aaa395d3e4c15
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
tracking.perfoagy.com/aff_i?offer_id=968&aff_id=1001&url_id=6688&file_id=4482
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=968&aff_id=1001&url_id=6688&file_id=4482
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=968&aff_id=1001&url_id=6688&file_id=4482 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_968=6688; expires=Thu, 09 Feb 2023 19:56:19 GMT; path=/; SameSite=None; Secure
Tracking_id: 10295c4d9ea5c3f281da92691bdaa0
Access-Control-Allow-Origin: *
X-Request-Id: 3fd3f47060923c19b688ad1903ab49f4
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
tracking.perfoagy.com/aff_i?offer_id=1192&aff_id=1001&url_id=6697&file_id=4493
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1192&aff_id=1001&url_id=6697&file_id=4493
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1192&aff_id=1001&url_id=6697&file_id=4493 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1192=6697; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 102bb960ca49e9073d3de8fccf30b4
Access-Control-Allow-Origin: *
X-Request-Id: f1eb976556cb1b99dbea84e68cb2d74a
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b5491b1c36845e52e6b2b1a86c266d60
9f7fb98dce608b7f50f6d529a550d2919d551a9d
e974f67585837852377b40e4339c2f23d26de6d2024931e94301a84e24b32861
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=107542
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e2ff79-117"
Expires: Fri, 10 Feb 2023 01:48:42 GMT
Last-Modified: Wed, 08 Feb 2023 01:48:41 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
tracking.perfoagy.com/aff_i?offer_id=1221&aff_id=1001&url_id=6665&file_id=4466
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1221&aff_id=1001&url_id=6665&file_id=4466
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1221&aff_id=1001&url_id=6665&file_id=4466 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1221=6665; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 1027076389963da2e482d79e038d1f
Access-Control-Allow-Origin: *
X-Request-Id: 00e86be55f6aa290ade3610dbbc2cbad
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78f432fe921e092017350936e331ebef
1f7c4959ba3b162644109c32d81d8a008cb670b9
122a7eb164295eee83722d8f88f12e9499a45afcdbdcfa27ac905804ccb276d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1353
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e31d0f-117"
Last-Modified: Wed, 08 Feb 2023 19:33:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
tracking.perfoagy.com/aff_i?offer_id=405&aff_id=1001&url_id=6661&file_id=4463
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=405&aff_id=1001&url_id=6661&file_id=4463
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=405&aff_id=1001&url_id=6661&file_id=4463 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_405=6661; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 1029ea4f731c8f5a80a02f152fdf58
Access-Control-Allow-Origin: *
X-Request-Id: 9f45c05cffaca4b56d18caacef9c8b9e
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
direct.juiceadv.com/aff_i?offer_id=2493&file_id=10379&aff_id=3189
63.35.20.105200 OK 57 B URL HTTP/1.1 direct.juiceadv.com/aff_i?offer_id=2493&file_id=10379&aff_id=3189
IP 63.35.20.105:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=2493&file_id=10379&aff_id=3189 HTTP/1.1
Host: direct.juiceadv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Tracking_id: 102a477abe8e2a0893141bfd1bb9b5
Access-Control-Allow-Origin: *
X-Request-Id: bf370fa1008731f44d912bb50e9c729d
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
href.li/?https://perfomail.it//web/4x92U.php
192.0.78.26200 OK 276 B URL HTTP/2 href.li/?https://perfomail.it//web/4x92U.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d83291507752f0b11a2fe33593b77491
acb4ec3eb31b63721628995fcd73e34c968878c4
adb4573ba4c296d7b5b8fdbee76e9275d97dcc26f02df80a4b126c49c7fe5fad
GET /?https://perfomail.it//web/4x92U.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/telepass-100.png
104.21.39.114200 OK 3.4 kB URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/telepass-100.png
IP 104.21.39.114:0
File type PNG image data, 200 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash a16441ad8d4f484de1adbe33d75891c0
4e85a255bac8ea27a45e7b791261c8d78d950f44
94687a3711657d1b6d7c0eeceadd1db3db87357057764ca50bdb246976a71ca4
GET /news/2023-02/telepassoburosso20230201/images/telepass-100.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 3404
last-modified: Wed, 01 Feb 2023 10:38:28 GMT
etag: "d4c-5f3a10c779100"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cHNBBGvcFbgOD3MMrp17OAsmolAEAct1CNoaZ0tyDC5ttRLoqFOtAlnTq1NSPpzHKgIx3GiWJFEVE%2BSVteN13Xm0EID9tpvLsEDc9bA8HcwavVov4iTkUEegtUSDketTkyB9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed919bf10afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/apple-30.png
104.21.39.114200 OK 992 B URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/apple-30.png
IP 104.21.39.114:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 7339bbb4fcc2685291ff7ed70facce21
3add8808057f6310881d9802b9b2579909e378b4
b06ea5d8cf068497bfb44d931096b6782841fcbbf3fa05bd635ee28c88c4f07b
GET /news/2023-02/telepassoburosso20230201/images/apple-30.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 992
last-modified: Wed, 01 Feb 2023 10:38:28 GMT
etag: "3e0-5f3a10c779100"
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sIefJOU0rV16zR7TK3ZjTkbghJHAOGMMhuLHdJ7W933%2FiZPlb%2Fds6qXJim%2B6VOjAQijnC9aXJppArRrCqDxcUab6ZG1Jwf5ks73%2FHLpnshSuZ%2FBOVhpv6WmFBb16Vra4DeN3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed919bf30afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/apple-30.png
104.21.39.114200 OK 992 B URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/apple-30.png
IP 104.21.39.114:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 7339bbb4fcc2685291ff7ed70facce21
3add8808057f6310881d9802b9b2579909e378b4
b06ea5d8cf068497bfb44d931096b6782841fcbbf3fa05bd635ee28c88c4f07b
GET /news/2023-02/telepassoburosso_coppia_20230201/images/apple-30.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 992
last-modified: Wed, 01 Feb 2023 10:58:10 GMT
etag: "3e0-5f3a152eb7480"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTGCif%2FEQ%2BK%2BYl2qb6LVI%2B3PpTj7rg3W5EtmQBzGghhbOyfkIIZIb%2FQ%2FhLKfLECX%2FfySoCQAurDKikbUV4ouEsOhZDres1EHhl5p5BFWFhM7dbG5nJXZwAed%2BTViPDotS2JQBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed919bec0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/separatore.png
104.21.39.114200 OK 32 kB URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/separatore.png
IP 104.21.39.114:0
File type PNG image data, 600 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 80211815e33db7364a9bd4662320d288
fc7592ca81646738346e4c93588db53043f3ad9d
11cd57eef041e1e3153b0d3f3e07679c28662503b0fd2f457279e0841952ef12
GET /news/2023-02/telepassoburosso20230201/images/separatore.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 32260
last-modified: Wed, 01 Feb 2023 10:38:28 GMT
etag: "7e04-5f3a10c779100"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4SxOSngJBZ82BAqU4hks9pLNmj3ZTnkVBp%2BCaECJh6vC5niTjQ1cbtihPQlsiAF4UI5Lip2F7j9QE8zj%2Bfsjb5iWwfEzzduCdoAqiNaSOr3%2FtZo6x4A1N%2Bu9Ihabia9L9LhRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed919bf00afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
perfomail.it//web/qEcX6.php
65.109.89.174200 OK 226 kB URL HTTP/2 perfomail.it//web/qEcX6.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Size 226 kB (225988 bytes)
Hash db167c70bd06e07b792783e51fce76ac
9266e2a25071bfca4f93ee5785dbe550c5478f15
ed824fc8fc47fec53d3bddd102522c044f380936ef466bd4a426864fe68a54a7
GET //web/qEcX6.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/android-30.png
104.21.39.114200 OK 954 B URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/android-30.png
IP 104.21.39.114:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash db996262d41f8d6994dd6a89212b1dd1
5d0000062b307d5ffca021ed1d3f12d74243ed39
a2c04ab69a566c7a2d4b3c6fadcca0334f2d3f2f9a9a52d29679aa2f20879efa
GET /news/2023-02/telepassoburosso20230201/images/android-30.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 954
last-modified: Wed, 01 Feb 2023 10:38:28 GMT
etag: "3ba-5f3a10c779100"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6dyBkPdqOcl9bgImmPaZY72qRtqM3TtOpCpCmg2zppUnb%2BRgtMaApHVg0sgfOkMdTy7ctHpJMRZtAHRgtggcQFHHcxfssJ%2Bthi10ZI%2BcJOIYDZdm7rJHJO9BA7VXhWkbA%2BbnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed919bf40afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/telepass-100.png
104.21.39.114200 OK 3.4 kB URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/telepass-100.png
IP 104.21.39.114:0
File type PNG image data, 200 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash a16441ad8d4f484de1adbe33d75891c0
4e85a255bac8ea27a45e7b791261c8d78d950f44
94687a3711657d1b6d7c0eeceadd1db3db87357057764ca50bdb246976a71ca4
GET /news/2023-02/telepassoburosso_coppia_20230201/images/telepass-100.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 3404
last-modified: Wed, 01 Feb 2023 10:58:10 GMT
etag: "d4c-5f3a152eb7480"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7GA6SS2QsCq%2BpEoRoXIIgknR3d4LGkpMgvdpiruWFrbxg4UqWOq1shsC%2BXYT%2F6mAgCI55eyId9HvKyfEDXmfis5DqkWMBZbrb3fXgDZgOhcRI7l%2BM%2Fdq%2FdM5WmL5m5uLiZOjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed91ac0b0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tracking.perfoagy.com/aff_i?offer_id=749&aff_id=1001&url_id=6699&file_id=4495
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=749&aff_id=1001&url_id=6699&file_id=4495
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=749&aff_id=1001&url_id=6699&file_id=4495 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_749=6699; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 102682765f36aeaa3c120c1fcc442f
Access-Control-Allow-Origin: *
X-Request-Id: ef55ce7d077fa16aa31aa7d40c5afc7c
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/telepass-130.png
104.21.39.114200 OK 19 kB URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso20230201/images/telepass-130.png
IP 104.21.39.114:0
File type PNG image data, 260 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash fd8339c9525865697ad22d70ffe17e95
ee8898fc38fca00b4305f5df06bc4037a010a2f5
8c8ff71005b85b51b68221f7fa54d77a20f024828c37f2523cf0ad14159c1b7f
GET /news/2023-02/telepassoburosso20230201/images/telepass-130.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 18927
last-modified: Wed, 01 Feb 2023 10:38:28 GMT
etag: "49ef-5f3a10c779100"
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woh9X4V20uBwMKxLR7%2FBR%2Ff%2FvL9AYysbr6AnI1d1uxzJKCNe3X7mFr2Si0eVJ4YZtUuhNeO%2BR8pJeNM27jUdjhIwvXc4lge18p2WYfn019ov7CFtvu01Vv5Lsd%2FUHDEPyu07Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed919bed0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/HLxIr.php
192.0.78.26200 OK 96 kB URL HTTP/2 href.li/?https://perfomail.it//web/HLxIr.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a4ad311eaed4ad5f04cc9005e3b72b5f
591eba740d487014e0cc8bb19a0ae593d0e098b9
c77407409da157cf9bc365ad8a28cb11a0c601b7e0908a60d132bfc791f81fa8
GET /?https://perfomail.it//web/HLxIr.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
perfomail.it//web/atXhI.php
65.109.89.174200 OK 6.4 kB URL HTTP/2 perfomail.it//web/atXhI.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 072a4dda1c339ae2977555f9040cdfe2
0316b272e7085a2f7b314fb3d350974c40d4bb2b
7d230e721661e44636d8bf07340ae1711799cfb66f11240c04bd4b32c4b2865f
GET //web/atXhI.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it//web/B7dWs.php
65.109.89.174200 OK 41 kB URL HTTP/2 perfomail.it//web/B7dWs.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash b0c4c8c6e10cb3db79e739bb54a80153
4417009daf4e2ea78ce30e1db8a7a270e6997973
9843106d559f8be77a99df3c5ac64d396328cd503b96e1b88868df4eed8c6507
GET //web/B7dWs.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Promo_New.png
178.62.120.218200 OK 26 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Promo_New.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 900 x 380, 8-bit/color RGBA, non-interlaced\012- data
Hash 4072b17baf32c014eeb20a8cd6020def
3f9af1c0993a5539083ae26a9327e46bdd1b485c
55f7037bca7551ff20a8651e38b15d93fbe987cfb4324342a2a28248b8be6de8
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Promo_New.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 26146
Last-Modified: Tue, 31 Jan 2023 16:38:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d94420-6622"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Separatore.png
178.62.120.218200 OK 2.6 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Separatore.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1200 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 34c93cbf4a1985fe359742b3435002c9
44b49dc9291691e871a5bb254bb38af95a36a9c0
8eb779a5f74e3f0a2fca67a4050597ece945b9b765c5f0ca3b65e67730972f45
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Separatore.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 2587
Last-Modified: Tue, 31 Jan 2023 16:38:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d94420-a1b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_2.jpg
178.62.120.218200 OK 150 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_2.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 668x966, components 3\012- data
Size 150 kB (149904 bytes)
Hash 66cec89a60888a0730449158241294c0
c211676d77b19000a4e59ca2005e4b4c4ded36ce
e96af08cc9aab8b8b2ac280c788f329d567a50b9e3368c9843c2ec4f58adfa76
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_2.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 149904
Last-Modified: Tue, 31 Jan 2023 16:38:54 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441e-24990"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_FB_190x95.jpg
178.62.120.218200 OK 2.1 kB URL HTTP/1.1 performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_FB_190x95.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x95, components 3\012- data
Hash 5dd17afb3af6a8420496e9c5c4648578
febd7d42c6141de2d4ecec20e41e0c2dce172398
e4501aa57c29db6dbf3c0c731cd51184b86afaaf1673b14b51036b6a457daf5c
GET /upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_FB_190x95.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 2068
Last-Modified: Tue, 07 Feb 2023 08:46:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e20fd5-814"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
tracking.perfoagy.com/aff_i?offer_id=1342&aff_id=1001&url_id=6652&file_id=4457
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1342&aff_id=1001&url_id=6652&file_id=4457
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1342&aff_id=1001&url_id=6652&file_id=4457 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1342=6652; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 10279be9967cefb0d209404a52b8de
Access-Control-Allow-Origin: *
X-Request-Id: a7c4f5a3503988123a342ac92417e008
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78f432fe921e092017350936e331ebef
1f7c4959ba3b162644109c32d81d8a008cb670b9
122a7eb164295eee83722d8f88f12e9499a45afcdbdcfa27ac905804ccb276d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2918
Cache-Control: max-age=118033
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e31d0f-117"
Expires: Fri, 10 Feb 2023 04:43:33 GMT
Last-Modified: Wed, 08 Feb 2023 03:54:55 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 279
performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/Ready-to-Drive_550x160.png
178.62.120.218200 OK 212 kB URL HTTP/1.1 performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/Ready-to-Drive_550x160.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 550 x 160, 8-bit/color RGBA, non-interlaced\012- data
Size 212 kB (211728 bytes)
Hash 14ec10606a61c79b8acc91f5165e687f
082b69af41d40f2e6d1e02e56653927b1882f5f3
637cb8b4b2caec54c76b4960295eb09132260361cbc43b4e8740815fbc69a8c3
GET /upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/Ready-to-Drive_550x160.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 211728
Last-Modified: Tue, 07 Feb 2023 08:46:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e20fd5-33b10"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
perfomail.it//web/IoD2U.php
65.109.89.174200 OK 8.2 kB URL HTTP/2 perfomail.it//web/IoD2U.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1762), with CRLF, LF line terminators
Hash 34f3a420649cbde50c723bcfb4fa0d3c
cd644233bfc2b945d7d433d23f63ce1018c238ee
075cee6194309f9c99f079ce8e37424375366bb1d6cb3c5f23bdeeb222a77822
GET //web/IoD2U.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
tracking.perfoagy.com/aff_i?offer_id=391&aff_id=1001&url_id=6711&file_id=4502
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=391&aff_id=1001&url_id=6711&file_id=4502
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=391&aff_id=1001&url_id=6711&file_id=4502 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_391=6711; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 1029e3fe5b8572173e6a239a9b1564
Access-Control-Allow-Origin: *
X-Request-Id: d09f491e7087151f7228ed7a8ecfe22b
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78f432fe921e092017350936e331ebef
1f7c4959ba3b162644109c32d81d8a008cb670b9
122a7eb164295eee83722d8f88f12e9499a45afcdbdcfa27ac905804ccb276d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1353
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e31d0f-117"
Last-Modified: Wed, 08 Feb 2023 19:33:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/sevizi_550x162.png
178.62.120.218200 OK 51 kB URL HTTP/1.1 performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/sevizi_550x162.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 550 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash ba0eac5af70ff05935d968f1ca8fc96c
57c9483804d0485cad8a70e637e193572ae8aa30
de3f3a8d061dc0677961a89b9fcb59a0435cd2e8999b1c48bc424a25ba0a77d8
GET /upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/sevizi_550x162.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 51406
Last-Modified: Tue, 07 Feb 2023 08:46:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e20fd5-c8ce"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78f432fe921e092017350936e331ebef
1f7c4959ba3b162644109c32d81d8a008cb670b9
122a7eb164295eee83722d8f88f12e9499a45afcdbdcfa27ac905804ccb276d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1353
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e31d0f-117"
Last-Modified: Wed, 08 Feb 2023 19:33:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
performagency.it/upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/spacer.gif
178.62.120.218200 OK 43 B URL HTTP/1.1 performagency.it/upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/spacer.gif
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/spacer.gif HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Tue, 07 Feb 2023 15:08:32 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e26970-2b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/header.jpg
178.62.120.218200 OK 96 kB URL HTTP/1.1 performagency.it/upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/header.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x270, components 3\012- data
Hash c6adfe404f24960c5cb0eb0cdb4996ac
16aa7c1629afbf1684e779463604c24169f2fe0a
fa1540a22640eb48b505bc383ebce35eaed720a8e152e9ad7b09919304aae34c
GET /upload/dem/ZurichV2/ZurichV2Febbraio_Crea_Auto/header.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 96009
Last-Modified: Tue, 07 Feb 2023 15:08:32 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e26970-17709"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78f432fe921e092017350936e331ebef
1f7c4959ba3b162644109c32d81d8a008cb670b9
122a7eb164295eee83722d8f88f12e9499a45afcdbdcfa27ac905804ccb276d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2918
Cache-Control: max-age=118033
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e31d0f-117"
Expires: Fri, 10 Feb 2023 04:43:33 GMT
Last-Modified: Wed, 08 Feb 2023 03:54:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_IN_190x95.jpg
178.62.120.218200 OK 2.1 kB URL HTTP/1.1 performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_IN_190x95.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x95, components 3\012- data
Hash ac020bc104241f7f6233729d1db13ae2
8c21576b89143ee621b54848d1d7bbcc02340c88
9f7676768ab381af03321d309223e48d484470b795eb3780c9f9e55c079df610
GET /upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_IN_190x95.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 2123
Last-Modified: Tue, 07 Feb 2023 08:46:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e20fd5-84b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/visore_600.png
104.21.39.114200 OK 483 kB URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/visore_600.png
IP 104.21.39.114:0
File type PNG image data, 600 x 638, 8-bit/color RGBA, non-interlaced\012- data
Size 483 kB (482570 bytes)
Hash f3852e2bc6d7f31e2ffdbb2e5e72b4ef
0284c11837d0ed5a9bfbc8c22b4bf9b44084cff8
bfbb8de3969892dcf20de784b4176561de6319be3461807b94c8dbbe6b400de0
GET /news/2023-02/telepassoburosso_coppia_20230201/images/visore_600.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 482570
last-modified: Wed, 01 Feb 2023 10:58:10 GMT
etag: "75d0a-5f3a152eb7480"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQMUTr6M7imHoHNshEIXMPFGMk6fOAxN29dAW3qonQSY%2Ba%2Fq2s4yyBp3nhDIVb6mA3AX67RX%2FHEnKZ%2F3KqQJX2sUiDwt9HCoYyWqHD5OUOqo4pSTrCpC6s4IMmQ0u%2FliaeSQsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed941f620afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 7728720530c8d19d44928b0f274502b4
2eed000c8e731e3dfc28f28098144dc30c24cfb3
54e9eb7dcd6c78151fac6a36d4d3548893246d73dfcd079a05305edba9cc44ff
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111905
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e3010f-1d7"
Expires: Fri, 10 Feb 2023 03:01:25 GMT
Last-Modified: Wed, 08 Feb 2023 01:55:27 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dlgWXZOQs8p78GU-ERRd1e6Gwz7WfFg8s--EmjyZLV0P4K9TgRX_QQ==
Age: 3958
performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/header_ragazza.png
178.62.120.218200 OK 395 kB URL HTTP/1.1 performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/header_ragazza.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 716 x 792, 8-bit/color RGBA, non-interlaced\012- data
Size 395 kB (394911 bytes)
Hash 74e8ddbb6b62b52031ef779100532fae
dcd4b5b638c3b3135d92063b2ed5e15dd2a94cd9
7292b180dbad56de45bc275574cc72424c317c1a2b2a7862cdb84e5800915620
GET /upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/header_ragazza.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 394911
Last-Modified: Tue, 07 Feb 2023 15:50:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e27344-6069f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 7728720530c8d19d44928b0f274502b4
2eed000c8e731e3dfc28f28098144dc30c24cfb3
54e9eb7dcd6c78151fac6a36d4d3548893246d73dfcd079a05305edba9cc44ff
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108327
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e3010f-1d7"
Expires: Fri, 10 Feb 2023 02:01:47 GMT
Last-Modified: Wed, 08 Feb 2023 01:55:27 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mQ6HnyQBNfvgZznu_Gv9GLGK52xFLuuKquLnVeFnHZR1WJZbG6bOWg==
Age: 380
href.li/?https://perfomail.it//web/3KVp9.php
192.0.78.26200 OK 2.0 kB URL HTTP/2 href.li/?https://perfomail.it//web/3KVp9.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash efd42cc77bb0f3735313b63dac00df05
10991f731cd0776686d85c8428eb3a4d5e36243d
5784557ed9fa4a27d81cf2b98e44d16bac0f0c9e9bbc02724611f98f0678d7f4
GET /?https://perfomail.it//web/3KVp9.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/separatore.png
104.21.39.114200 OK 47 kB URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/separatore.png
IP 104.21.39.114:0
File type PNG image data, 600 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash b74e0d380eb7e00ed24888b4bf3e8f11
36ef6c68e99058eff506ec442ed69653aa90999f
9558aa0ef5a39c2bfd0fbe74ae8fd3a78040b8f2478d1cb438dee1d82a6d8f9a
GET /news/2023-02/telepassoburosso_coppia_20230201/images/separatore.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 47367
last-modified: Wed, 01 Feb 2023 10:58:10 GMT
etag: "b907-5f3a152eb7480"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCSHeit7WkFvWr2cmAi7%2FCvq7qSRCKLTvJ5Fhq25jZx%2BfmZDDux%2F9iUmT%2FQz7w5IVKDc%2F4y8FKU%2BP9LmfoUexdmVutdh6mhot%2BNNU4J3alVAj25gPaC2aD3OmHEPqOwkHHUG9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed93cf270afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/visore_550x410.png
178.62.120.218200 OK 325 kB URL HTTP/1.1 performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/visore_550x410.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 550 x 410, 8-bit/color RGBA, non-interlaced\012- data
Size 325 kB (324673 bytes)
Hash 90adc6914c735ef7f43ae97db49c282e
872e3bb878dfe436df2ba153483fccf2774e48f6
c7d0f915e686a2bcd613b60f22d847177f89f2786f02ef2c09a550ed7e9b2dcc
GET /upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/visore_550x410.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 324673
Last-Modified: Tue, 07 Feb 2023 08:46:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e20fd5-4f441"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_IG_190x95.jpg
178.62.120.218200 OK 2.2 kB URL HTTP/1.1 performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_IG_190x95.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x95, components 3\012- data
Hash e8432fcb2cf2920e5c7585965b728038
1609d77051f3387e477975913252055dd2795fa5
282456bc80c71f9e06062e33b24128de01f07bd1f3271c7a89dfd3870c7251a7
GET /upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_IG_190x95.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 2225
Last-Modified: Tue, 07 Feb 2023 08:46:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e20fd5-8b1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
perfomail.it/1guneoXo1h/cftc/AXQcFU/NEObcrrhhi/MENZaywUEwE/W0tVcnk/rei4
65.109.89.174200 OK 7.2 kB URL HTTP/2 perfomail.it/1guneoXo1h/cftc/AXQcFU/NEObcrrhhi/MENZaywUEwE/W0tVcnk/rei4
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 68ca04f7b6c67bf4e5ed36d026613963
230bf6ac9b0407eef458c6a96d037cd10bb6e602
b2da9bcf5044e470930b0af0381c6f3eb82346f9898e4c463f9c177d4b44a5a0
GET /1guneoXo1h/cftc/AXQcFU/NEObcrrhhi/MENZaywUEwE/W0tVcnk/rei4 HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it//web/4x92U.php
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
go.ketchupadv.it/aff_i?offer_id=2642&aff_id=1423&file_id=18974
52.210.124.209200 OK 57 B URL HTTP/1.1 go.ketchupadv.it/aff_i?offer_id=2642&aff_id=1423&file_id=18974
IP 52.210.124.209:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=2642&aff_id=1423&file_id=18974 HTTP/1.1
Host: go.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Tracking_id: 1025603a2b29119d411527a748209a
Access-Control-Allow-Origin: *
X-Request-Id: 2f65d0fea5cb4f2ff25802d70bbae188
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
perfomail.it//web/ErbFW.php
65.109.89.174200 OK 111 kB URL HTTP/2 perfomail.it//web/ErbFW.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Size 111 kB (111446 bytes)
Hash 76d0a2448abf17688aefa6fe42cee3e0
9a05eceb0245208c5c23d7930a466147a58ec309
c640568ad442be24249e6b4095fb5cf1a7651698712e66d9239881f77dddbb49
GET //web/ErbFW.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_2800.png
178.62.120.218200 OK 7.7 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_2800.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 252 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ea3081a012d02d921b60266b5e5b144
144099b91bf2f4243418eddc3ba1669c1d359104
4353056d49c3e314e53efb1105ed0ffe505dbe9b5669491167959f14eae5a9e2
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_2800.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 7723
Last-Modified: Tue, 31 Jan 2023 16:38:53 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441d-1e2b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_200.png
178.62.120.218200 OK 5.4 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_200.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 252 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash de9d2c91c8f77a9d3827aafb2b7ca920
feac85100b42a864c63fe944ef7dcc773547daca
949855c2937b6d652970239288449bd58f0a2e02d5fa46db922a8aaa0b4b7a79
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_200.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 5446
Last-Modified: Tue, 31 Jan 2023 16:38:53 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441d-1546"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
href.li/?https://perfomail.it//web/b9YcQ.php
192.0.78.26200 OK 8.3 kB URL HTTP/2 href.li/?https://perfomail.it//web/b9YcQ.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6608f06bbf9ce30fea63c300f90db5a0
1db8886f356e666acf116bd17c215826f90463a0
1ea109d1b260f71dc08b4aa804d7c6ce2d5bcfe08bb43632a55fb6846b61f90e
GET /?https://perfomail.it//web/b9YcQ.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Icon2.png
178.62.120.218200 OK 3.1 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Icon2.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 51b26de3280eaec4211230ac1cffde97
0d1995bcd467530524882eb437fd201c5dd4ba62
30a54428c2835d27331156fe4aa5357ec99a0a6630ec389eee1552174cf2c6ba
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Icon2.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 3053
Last-Modified: Tue, 31 Jan 2023 16:38:55 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441f-bed"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
perfomail.it//web/xgqBh.php
65.109.89.174200 OK 5.6 kB URL HTTP/2 perfomail.it//web/xgqBh.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 9270e5ec9a710b616740a0922a802f82
92593439a7fa049d2e3dddbc79fe003830f2555c
699f1a243aff21253fe49119e114cea8d59945ebff46f45791d86831ebc0a2a2
GET //web/xgqBh.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it//web/DFPTC.php
65.109.89.174200 OK 7.1 kB URL HTTP/2 perfomail.it//web/DFPTC.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 905d7ab01c2d8540008191abfe2321eb
d8f46c22ff00f999e82551082cf5747fc3a99987
afdc8b44b7979048be977cad799c8f78ad2a92f957724b7cc628ca5812511949
GET //web/DFPTC.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Logo-Footer.png
178.62.120.218200 OK 2.4 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Logo-Footer.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 222 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash a00d6a405c37b200077ac386658e664b
1f8fb7e47b901de60a88af8b77ddc8ca5e87149d
91b13973e899d6cc5ada38d777c14a00850012fcd78e5bb60956baa7af37f698
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Logo-Footer.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 2370
Last-Modified: Tue, 31 Jan 2023 16:38:55 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441f-942"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_AGOS_logo_small.png
178.62.120.218200 OK 3.4 kB URL HTTP/1.1 performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_AGOS_logo_small.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 176 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 69c86ca8bb4ae78a32caee4f4fe747e2
0dde24062f6a54b4b7052f822733955f820701f3
f082002807bee5dfe2b5ddbdafa6f4dd8920e92ca1a2a132b1e53d92bf033b6c
GET /upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_AGOS_logo_small.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 3404
Last-Modified: Tue, 07 Feb 2023 15:50:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e27344-d4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_Facebook.png
178.62.120.218200 OK 2.0 kB URL HTTP/1.1 performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_Facebook.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 058421d57d980de523ebc693c2807168
22c9ccef5e5f56f3b92695a4b64b20494884a000
0adb08c246883be37910bf7d6a992148b11ac13e0f5a764da5916064ded909d6
GET /upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_Facebook.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 2028
Last-Modified: Tue, 07 Feb 2023 15:50:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e27344-7ec"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_Instagram.png
178.62.120.218200 OK 1.8 kB URL HTTP/1.1 performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_Instagram.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash acffa013fbc335dd49c4c1ca12bf62c1
d729bc57e38382c12b8630449c4e9dfd71e0db5a
78207e6dbbef38ffac07831f5cd6fc7be0dfb01eb5148a1d92c3154e8388c95e
GET /upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_Instagram.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 1821
Last-Modified: Tue, 07 Feb 2023 15:50:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e27344-71d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_LinkdIn.png
178.62.120.218200 OK 2.0 kB URL HTTP/1.1 performagency.it/upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_LinkdIn.png
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b949f2cd2274f7d2da2df535512182f
0fec7012513d38d6742269633d2d5ce05f3c8c1c
341cd280c0e89d0bb377c8af72bd12f01ad31fbb07ac5f81199adffb20d08d7c
GET /upload/dem/AgosV4/AgosV4Febbraio_Crea_PA/_def_ico_social_LinkdIn.png HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/png
Content-Length: 1983
Last-Modified: Tue, 07 Feb 2023 15:50:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e27344-7bf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
tracking.perfoagy.com/aff_i?offer_id=628&aff_id=1001&url_id=6691&file_id=4485
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=628&aff_id=1001&url_id=6691&file_id=4485
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=628&aff_id=1001&url_id=6691&file_id=4485 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_628=6691; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 102e621a15e0793977c3263c65d7e0
Access-Control-Allow-Origin: *
X-Request-Id: 4a5873667d2c6107c9a0716b4b4da4d2
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_logo_190x95.jpg
178.62.120.218200 OK 5.4 kB URL HTTP/1.1 performagency.it/upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_logo_190x95.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 190x95, components 3\012- data
Hash 14739337db013d41fce36eb877f299b3
abb702cdab707692af1381e07aaaf4947ae36757
dd1756a83dfaff1d71d8cc2f7a0fe04fa43722d08828a7a5eb30bf5ceb07bc85
GET /upload/dem/ALDV6/ALDV6Febbraio_Crea_Sanremo_7-11/ALD_footer_logo_190x95.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 5353
Last-Modified: Tue, 07 Feb 2023 08:46:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63e20fd5-14e9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
go.ketchupadv.it/aff_i?offer_id=2642&aff_id=1423&file_id=18973
52.210.124.209200 OK 608 B URL HTTP/1.1 go.ketchupadv.it/aff_i?offer_id=2642&aff_id=1423&file_id=18973
IP 52.210.124.209:0
Hash 67b49a5ee2341c0862e8fba5de2dccfd
3eba1cbfa76bcbea10b2cbcc1cfb9855a7134cb9
166b54b55e8c215c48b5f1a58cf82758609c4af95d49a36d7f75b2b044a5d8e5
GET /aff_i?offer_id=2642&aff_id=1423&file_id=18973 HTTP/1.1
Host: go.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Tracking_id: 1025603a2b29119d411527a748209a
Access-Control-Allow-Origin: *
X-Request-Id: 6557b1a4c01ff6c1531b4ad29ad8ebc0
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_1.jpg
178.62.120.218200 OK 8.8 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_1.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 266x966, components 3\012- data
Hash 736ce3514868ccf00a66a8f90114679f
00ac70d486cdbf3c4ca8c78662d7d6a446c19eb5
2d38381512a7b67ed68015c52d98e732fc276898d38296269858609c76cef89e
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_1.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 8796
Last-Modified: Tue, 31 Jan 2023 16:38:54 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441e-225c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_3.jpg
178.62.120.218200 OK 10 kB URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_3.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 266x966, components 3\012- data
Hash dec4467a7d64f147b44ea82ddbc49a3a
c050465d7155acfe9fc185018843154ee6ac8542
d0efd0afc85d8dcaad7199d9b0ad0a8aed1c27e02f2f156127e8faad388b731a
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/Fineco_CampagnaCC_DEM_Header_3.jpg HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/jpeg
Content-Length: 10165
Last-Modified: Tue, 31 Jan 2023 16:38:54 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d9441e-27b5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/spacer.gif
178.62.120.218200 OK 43 B URL HTTP/1.1 performagency.it/upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/spacer.gif
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /upload/dem/FinecoV1/FinecoV1Febbraio_Crea_Banking/spacer.gif HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Tue, 31 Jan 2023 16:38:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63d94420-2b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
perfomail.it//web/leo4d.php
65.109.89.174200 OK 7.3 kB URL HTTP/2 perfomail.it//web/leo4d.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 77b93109877b99956eb5c5c4c21178fe
7fc55eebc5f5ee2b6ae6d8dceaba8983ff3fdcdf
5eb52d8b1bdb585629ccac784aaa4e317fdc710e76c9a2fb594a3aea2667cae7
GET //web/leo4d.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/telepass-130.png
104.21.39.114200 OK 19 kB URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/telepass-130.png
IP 104.21.39.114:0
File type PNG image data, 260 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash fd8339c9525865697ad22d70ffe17e95
ee8898fc38fca00b4305f5df06bc4037a010a2f5
8c8ff71005b85b51b68221f7fa54d77a20f024828c37f2523cf0ad14159c1b7f
GET /news/2023-02/telepassoburosso_coppia_20230201/images/telepass-130.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/png
content-length: 18927
last-modified: Wed, 01 Feb 2023 10:58:10 GMT
etag: "49ef-5f3a152eb7480"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YM3pImhHAnXs%2BlWXrfaaNuK8yLQq2fhIxmyRsFYQH%2FwX5nZ6OmZ2FCKeZXJIGoffYaTwAPelQHpG9weNwY4s7lVfBWiv0hZboiuHsj3nlDRIw908J55dqDet8fZSOloo%2BzwQzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed940f580afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1c4d1f98df372e464d7a7c3f4185773a
3d047026666dc137381986ac2dde68f6346f6575
17afffef3b1ff40ef673fbd35c5b5f34b672c44180fc120bddfe010a06056dd8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:12:43 GMT
ETag: "3d047026666dc137381986ac2dde68f6346f6575"
Last-Modified: Wed, 08 Feb 2023 19:12:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7966ed94d8feb529-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31f7c361019e555fef5bb0029e0bc9ac
56459e0689b3bedf77cde860cc939c5c42e804db
3c8f7227a1336f65e92b4a5105ea0e0b915e5e0f61014a60a5be8f733ceabf59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8F7227A1336F65E92B4A5105EA0E0B915E5E0F61014A60A5BE8F733CEABF59"
Last-Modified: Tue, 07 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4017
Expires: Wed, 08 Feb 2023 21:03:17 GMT
Date: Wed, 08 Feb 2023 19:56:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b5491b1c36845e52e6b2b1a86c266d60
9f7fb98dce608b7f50f6d529a550d2919d551a9d
e974f67585837852377b40e4339c2f23d26de6d2024931e94301a84e24b32861
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=107542
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e2ff79-117"
Expires: Fri, 10 Feb 2023 01:48:42 GMT
Last-Modified: Wed, 08 Feb 2023 01:48:41 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
href.li/?https://perfomail.it//web/gFfyZ.php
192.0.78.26200 OK 274 B URL HTTP/2 href.li/?https://perfomail.it//web/gFfyZ.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2fb88edab70dd55626dca3eba81f79de
c4142dbc67a25100b978ceaba3406f19b2e26bfa
f2f6239771bf9015b0abe15d81037cf4c30f3dedc283f060306f04f04a98278b
GET /?https://perfomail.it//web/gFfyZ.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
repo.edenred.it/DEM/CREATIVITA/HERO/2021/TR/09_SETTEMBRE/edenred-tr_21-09_DEMadv-box01.jpg
18.196.92.184200 OK 67 kB URL HTTP/1.1 repo.edenred.it/DEM/CREATIVITA/HERO/2021/TR/09_SETTEMBRE/edenred-tr_21-09_DEMadv-box01.jpg
IP 18.196.92.184:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x932, components 3\012- data
Hash e3879883d45f08af9bf52196a7d640cd
2a32eaac1582bb2b0a26d83a0f8b12f95624c763
2c0bf4a2095780fc615f18b01ca14ac3e929837b66f15930d9ace72dfbdd72ad
GET /DEM/CREATIVITA/HERO/2021/TR/09_SETTEMBRE/edenred-tr_21-09_DEMadv-box01.jpg HTTP/1.1
Host: repo.edenred.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:20 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 02 Nov 2021 13:32:37 GMT
ETag: "10772-5cfce53b1e073"
Accept-Ranges: bytes
Content-Length: 67442
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
href.li/?https://perfomail.it//web/oUTZ5.php
192.0.78.26200 OK 1.8 kB URL HTTP/2 href.li/?https://perfomail.it//web/oUTZ5.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1a33d3322d24a5e88a87d8790e82b684
1db52fdf000c7d7ffa2b5f76a2d83be4f14ecd78
61cbf52ec8d72337592e47e8d916512f37af9c160a1788f97ed63d70c3975522
GET /?https://perfomail.it//web/oUTZ5.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
repo.edenred.it/DEM/CREATIVITA/SPENDIBILITA/2021/09_SETTEMBRE/edenred-tr_21-09_DEMadv-sendibilitaLocali.jpg
18.196.92.184200 OK 159 kB URL HTTP/1.1 repo.edenred.it/DEM/CREATIVITA/SPENDIBILITA/2021/09_SETTEMBRE/edenred-tr_21-09_DEMadv-sendibilitaLocali.jpg
IP 18.196.92.184:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x432, components 3\012- data
Size 159 kB (159177 bytes)
Hash dcfb16f89942f8b24de50853a0b26015
0dce7d02315c65e9ac26287072422a248ca17d6a
f2675cfd71b8b9112c2a666a8a8e6841974c20ab8122f18b1167b66a4b4473db
GET /DEM/CREATIVITA/SPENDIBILITA/2021/09_SETTEMBRE/edenred-tr_21-09_DEMadv-sendibilitaLocali.jpg HTTP/1.1
Host: repo.edenred.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:20 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 27 Sep 2021 13:04:30 GMT
ETag: "26dc9-5ccf9bcd72cd5"
Accept-Ranges: bytes
Content-Length: 159177
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
track.perfoss.com/v2/open/lh2nvl8443t6itgbw59/%7Bemail%7D
192.46.236.54200 OK 43 B URL HTTP/2 track.perfoss.com/v2/open/lh2nvl8443t6itgbw59/%7Bemail%7D
IP 192.46.236.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /v2/open/lh2nvl8443t6itgbw59/%7Bemail%7D HTTP/1.1
Host: track.perfoss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: image/gif
content-length: 43
x-powered-by: PHP/7.4.28
set-cookie: op[lh2nvl8443t6itgbw59]=1; expires=Fri, 10-Mar-2023 19:56:20 GMT; Max-Age=2592000; path=/; secure; SameSite=None
cache-control: max-age=10
x-robots-tag: noindex
x-served-by: track.perfoss.com
X-Firefox-Spdy: h2
repo.edenred.it/DEM/CREATIVITA/HERO/2022/TR/12_DICEMBRE/edenred-tr_22-12_DemADV-visualHero.jpg
18.196.92.184200 OK 274 kB URL HTTP/1.1 repo.edenred.it/DEM/CREATIVITA/HERO/2022/TR/12_DICEMBRE/edenred-tr_22-12_DemADV-visualHero.jpg
IP 18.196.92.184:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 1200x600, components 3\012- data
Size 274 kB (274191 bytes)
Hash 46e3a71fe852bdad8e8e1eb5c0f0330e
a2b656c9764af76b103e55781ca653a9c489f83b
bec5b3d698ca1e966b27ed2b3a236b45e6c58515ec4fe77c341134dd6ad77d34
GET /DEM/CREATIVITA/HERO/2022/TR/12_DICEMBRE/edenred-tr_22-12_DemADV-visualHero.jpg HTTP/1.1
Host: repo.edenred.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:20 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 20 Dec 2022 14:20:33 GMT
ETag: "42f0f-5f043238a2e4b"
Accept-Ranges: bytes
Content-Length: 274191
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 282728bc9b70f4dbf0e831759e5a4bfa
30e3c2da19305f78965d104c3b41f10839c2314a
e5c0ddec6c545b6ae42bba0dd3c39ae126a08f1a8b2217e431a23f326d778f92
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 07:57:04 GMT
Expires: Tue, 14 Feb 2023 07:57:03 GMT
Etag: "30e3c2da19305f78965d104c3b41f10839c2314a"
Cache-Control: max-age=474642,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7966ed96cf13b4ed-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1c4d1f98df372e464d7a7c3f4185773a
3d047026666dc137381986ac2dde68f6346f6575
17afffef3b1ff40ef673fbd35c5b5f34b672c44180fc120bddfe010a06056dd8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:12:43 GMT
ETag: "3d047026666dc137381986ac2dde68f6346f6575"
Last-Modified: Wed, 08 Feb 2023 19:12:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7966ed970c0db529-OSL
perfomail.it//web/AN5tf.php
65.109.89.174200 OK 288 kB URL HTTP/2 perfomail.it//web/AN5tf.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Size 288 kB (287788 bytes)
Hash 483274837ce2439858e668333201b851
c15d29082bd47b31e2a5e946f1bb93fa67d601bb
16c5500d4cc4f7543ce30262664c729aa4c1c974567f797a8be8f2f60d22892c
GET //web/AN5tf.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash e9722ba8e49b3ceeba51930c5faa7adc
4103e3fe97ef19bd9687ecbc292d5e1619b1a37b
09b7848f2350cf01f0b8e31cc999010151293d2c1d80515e897654e296198f88
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155354
Date: Wed, 08 Feb 2023 19:56:20 GMT
Etag: "63e3af4b-1d7"
Expires: Fri, 10 Feb 2023 15:05:34 GMT
Last-Modified: Wed, 08 Feb 2023 14:18:51 GMT
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mIhn5Nw4Xf9Ya5XVaYgS-LqIds1DJzG3shWtuoOStv8uG6OwmSp9jQ==
Age: 2803
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 282728bc9b70f4dbf0e831759e5a4bfa
30e3c2da19305f78965d104c3b41f10839c2314a
e5c0ddec6c545b6ae42bba0dd3c39ae126a08f1a8b2217e431a23f326d778f92
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 07:57:04 GMT
Expires: Tue, 14 Feb 2023 07:57:03 GMT
Etag: "30e3c2da19305f78965d104c3b41f10839c2314a"
Cache-Control: max-age=474642,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7966ed96dd510b51-OSL
tracking.perfoagy.com/aff_i?offer_id=1201&aff_id=1001&url_id=6680&file_id=4474
52.210.2.133200 OK 57 B URL HTTP/1.1 tracking.perfoagy.com/aff_i?offer_id=1201&aff_id=1001&url_id=6680&file_id=4474
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=1201&aff_id=1001&url_id=6680&file_id=4474 HTTP/1.1
Host: tracking.perfoagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://perfomail.it/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_1201=6680; expires=Thu, 09 Feb 2023 19:56:20 GMT; path=/; SameSite=None; Secure
Tracking_id: 1028bfa65829bb7902758355ec2459
Access-Control-Allow-Origin: *
X-Request-Id: e6abffb7b50a4bc1668d543ac42038b0
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
perfomail.it//web/0hGJ3.php
65.109.89.174200 OK 12 kB URL HTTP/2 perfomail.it//web/0hGJ3.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 3ad6b20306daa2450018271c83c78b92
ce1770502426cb78ef745afc2eeac8be01c92f02
152805670f1f76a02a15762ae8b6e6d03701977b138934e9b43d4491c45cb2b6
GET //web/0hGJ3.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1480de327e624204ce9067b45c255a0
342910afb35107f01b322b92e7cef9fe164f841f
3e16613be27aaefc0748d60bdac49682d652adaddee64d33b1d300943d8e48b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E16613BE27AAEFC0748D60BDAC49682D652ADADDEE64D33B1D300943D8E48B7"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18496
Expires: Thu, 09 Feb 2023 01:04:37 GMT
Date: Wed, 08 Feb 2023 19:56:21 GMT
Connection: keep-alive
perfomail.it//web/Jzn41.php
65.109.89.174200 OK 4.6 kB URL HTTP/2 perfomail.it//web/Jzn41.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 27e2e649e5c7ce15f507c9b2cdcc6b87
588e9c296f1225f7d7fe9452f642ce84fc0a8236
b314fb1d2cf25be55de58b3c6274709b4e3806ffe26b980f89a11d248e06fc26
GET //web/Jzn41.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
repo.edenred.it/DEM/CREATIVITA/LOGOS/TR/ticketRestaurant-color.png
18.196.92.184200 OK 34 kB URL HTTP/1.1 repo.edenred.it/DEM/CREATIVITA/LOGOS/TR/ticketRestaurant-color.png
IP 18.196.92.184:0
File type PNG image data, 1837 x 534, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b1d803ad5cb0a5d6ef36dbb89d1d075
8dccc7116e555483bf6d268ce282fb5390b55d71
86ffdc9abe163dbdc9112e111e41b291c1c950a90da0fa6b8ba62708ab2c17f1
GET /DEM/CREATIVITA/LOGOS/TR/ticketRestaurant-color.png HTTP/1.1
Host: repo.edenred.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Wed, 03 Mar 2021 18:00:08 GMT
ETag: "851a-5bca59f12fa00"
Accept-Ranges: bytes
Content-Length: 34074
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
esclusiva-perte.it/dem/ald-2life-2023/ALD_footer_FB_190x95.jpg
46.16.95.229200 OK 2.1 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/ALD_footer_FB_190x95.jpg
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x95, components 3\012- data
Hash 5dd17afb3af6a8420496e9c5c4648578
febd7d42c6141de2d4ecec20e41e0c2dce172398
e4501aa57c29db6dbf3c0c731cd51184b86afaaf1673b14b51036b6a457daf5c
GET /dem/ald-2life-2023/ALD_footer_FB_190x95.jpg HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "eb007-814-5f38c10fc2e39"
Accept-Ranges: bytes
Content-Length: 2068
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.triboomedia.it/dem/Vodafone_Fixedline/2022/giugno/v1/logo-vodafone-partner.png
185.59.220.199200 OK 12 kB URL HTTP/2 cdn.triboomedia.it/dem/Vodafone_Fixedline/2022/giugno/v1/logo-vodafone-partner.png
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type PNG image data, 800 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e314601c99f176169d7c0d804a461fe
5f4ac88304899ddda48db342238ce4f487dcc206
eb7ca103381ed1e972dae5cfdc98a7ee0405963ea8f69d78d6dbb792b67fef01
GET /dem/Vodafone_Fixedline/2022/giugno/v1/logo-vodafone-partner.png HTTP/1.1
Host: cdn.triboomedia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 12031
server: BunnyCDN-DE1-722
cdn-pullzone: 113549
cdn-uid: 3d4fb050-dd03-48b3-b835-50a6dd316dc7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
last-modified: Wed, 01 Jun 2022 13:33:08 GMT
cdn-storageserver: DE-199
cdn-fileserver: 306
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/18/2022 09:29:21
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: acedae5b1b149eae4b834d8e2477e0f9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/apple-30.png
185.59.220.199200 OK 992 B URL HTTP/2 cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/apple-30.png
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 7339bbb4fcc2685291ff7ed70facce21
3add8808057f6310881d9802b9b2579909e378b4
b06ea5d8cf068497bfb44d931096b6782841fcbbf3fa05bd635ee28c88c4f07b
GET /dem/Telepass/2023/feb/coppia/apple-30.png HTTP/1.1
Host: cdn.triboomedia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 992
server: BunnyCDN-DE1-722
cdn-pullzone: 113549
cdn-uid: 3d4fb050-dd03-48b3-b835-50a6dd316dc7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
last-modified: Wed, 01 Feb 2023 11:26:26 GMT
cdn-storageserver: DE-168
cdn-fileserver: 542
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 02/01/2023 11:37:36
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: c09f83771afbbafb776e5b056becbb71
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/telepass-100.png
185.59.220.199200 OK 3.4 kB URL HTTP/2 cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/telepass-100.png
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type PNG image data, 200 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash a16441ad8d4f484de1adbe33d75891c0
4e85a255bac8ea27a45e7b791261c8d78d950f44
94687a3711657d1b6d7c0eeceadd1db3db87357057764ca50bdb246976a71ca4
GET /dem/Telepass/2023/feb/coppia/telepass-100.png HTTP/1.1
Host: cdn.triboomedia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 3404
server: BunnyCDN-DE1-722
cdn-pullzone: 113549
cdn-uid: 3d4fb050-dd03-48b3-b835-50a6dd316dc7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
last-modified: Wed, 01 Feb 2023 11:26:26 GMT
cdn-storageserver: DE-164
cdn-fileserver: 549
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 02/01/2023 11:37:36
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: a61fd5206a32a1a94edfe90a170c6e63
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/android-30.png
185.59.220.199200 OK 954 B URL HTTP/2 cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/android-30.png
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash db996262d41f8d6994dd6a89212b1dd1
5d0000062b307d5ffca021ed1d3f12d74243ed39
a2c04ab69a566c7a2d4b3c6fadcca0334f2d3f2f9a9a52d29679aa2f20879efa
GET /dem/Telepass/2023/feb/coppia/android-30.png HTTP/1.1
Host: cdn.triboomedia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 954
server: BunnyCDN-DE1-722
cdn-pullzone: 113549
cdn-uid: 3d4fb050-dd03-48b3-b835-50a6dd316dc7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
last-modified: Wed, 01 Feb 2023 11:26:26 GMT
cdn-storageserver: DE-165
cdn-fileserver: 551
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 02/01/2023 11:37:36
cdn-edgestorageid: 1075
cdn-status: 200
cdn-requestid: 9e36dbd1ff3bbdecb6d77fb47a8b0896
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
perfomail.it/js/scripts.js
65.109.89.174200 OK 3.8 kB URL HTTP/2 perfomail.it/js/scripts.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 5514dd9b720503c2b4322b2c2e57a946
0fe82ac7f6c4a517ee9302e85228f672353c9579
62dd9434c5d3666e744110737dc7175d0f76ed37497ffe9eddc11c0bfa077422
GET /js/scripts.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-3f25"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/1guneoXo1h/cftc/AXQcFU/NEObcrrhhi/MENZaywUEwE/W0tVcnk/rei4
65.109.89.174200 OK 6.6 kB URL HTTP/2 perfomail.it/1guneoXo1h/cftc/AXQcFU/NEObcrrhhi/MENZaywUEwE/W0tVcnk/rei4
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash cae747a92fcc4885b961a0858cfb35d6
8c13802728afe0b3bcc0e3752e23413f982aec9a
6003a47b7213973daace86fb98bcddd168d5f8b8257790c12423d1435fe3e56f
GET /1guneoXo1h/cftc/AXQcFU/NEObcrrhhi/MENZaywUEwE/W0tVcnk/rei4 HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it//web/IoD2U.php
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/B7dWs.php
192.0.78.26200 OK 83 kB URL HTTP/2 href.li/?https://perfomail.it//web/B7dWs.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a73abb40f265b4577d2ded0a6443a18b
e249692529466ac1fb72d970404368114e40c3b4
a821651365a058f35d3e73326f91157c42c774ffb82c514955bfada6eeed5b20
GET /?https://perfomail.it//web/B7dWs.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/B5UKyugTYCM
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/B5UKyugTYCM
IP 142.250.74.163:0
Hash 157eefd40d9e3af5fc89b0cc2e2a05fd
430f2a9bbc40ea5aa0fcac723bc6126022605913
57de770235e9d5711053d5e5d9a4026f402d011b442f9d9124d82488b828ab6f
POST /s/gts1d4/B5UKyugTYCM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1480de327e624204ce9067b45c255a0
342910afb35107f01b322b92e7cef9fe164f841f
3e16613be27aaefc0748d60bdac49682d652adaddee64d33b1d300943d8e48b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E16613BE27AAEFC0748D60BDAC49682D652ADADDEE64D33B1D300943D8E48B7"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18496
Expires: Thu, 09 Feb 2023 01:04:37 GMT
Date: Wed, 08 Feb 2023 19:56:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1480de327e624204ce9067b45c255a0
342910afb35107f01b322b92e7cef9fe164f841f
3e16613be27aaefc0748d60bdac49682d652adaddee64d33b1d300943d8e48b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E16613BE27AAEFC0748D60BDAC49682D652ADADDEE64D33B1D300943D8E48B7"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18496
Expires: Thu, 09 Feb 2023 01:04:37 GMT
Date: Wed, 08 Feb 2023 19:56:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1480de327e624204ce9067b45c255a0
342910afb35107f01b322b92e7cef9fe164f841f
3e16613be27aaefc0748d60bdac49682d652adaddee64d33b1d300943d8e48b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E16613BE27AAEFC0748D60BDAC49682D652ADADDEE64D33B1D300943D8E48B7"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18496
Expires: Thu, 09 Feb 2023 01:04:37 GMT
Date: Wed, 08 Feb 2023 19:56:21 GMT
Connection: keep-alive
esclusiva-perte.it/dem/ald-2life-2023/1_550x226.png
46.16.95.229200 OK 74 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/1_550x226.png
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 550 x 226, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e5c77057db0f732968302193fcdbddb
407c1cd1dfb7a699cc34ae1ba5caeccad830e4e2
e5dbb3a51b66cc394217471e0eadb3c9e60d36e919cd3d2752d2e045c41e07f6
GET /dem/ald-2life-2023/1_550x226.png HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "ea56c-1206a-5f38c10fd66b9"
Accept-Ranges: bytes
Content-Length: 73834
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/png
cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/separatore.png
185.59.220.199200 OK 47 kB URL HTTP/2 cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/separatore.png
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type PNG image data, 600 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash b74e0d380eb7e00ed24888b4bf3e8f11
36ef6c68e99058eff506ec442ed69653aa90999f
9558aa0ef5a39c2bfd0fbe74ae8fd3a78040b8f2478d1cb438dee1d82a6d8f9a
GET /dem/Telepass/2023/feb/coppia/separatore.png HTTP/1.1
Host: cdn.triboomedia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 47367
server: BunnyCDN-DE1-722
cdn-pullzone: 113549
cdn-uid: 3d4fb050-dd03-48b3-b835-50a6dd316dc7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
last-modified: Wed, 01 Feb 2023 11:26:26 GMT
cdn-storageserver: DE-167
cdn-fileserver: 549
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 02/01/2023 11:37:36
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: d35e64552dec2631f5a473ccee74a456
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d4749a51dd329695e7a07525096f5e31
508690298abdb7381ca8144aea2f36f629420779
b3f1c4d57a89e234b9823e5f789ccc3223fd7b0e7b5cc2322b80e429eff96ee9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1619
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Last-Modified: Wed, 08 Feb 2023 19:29:22 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
esclusiva-perte.it/dem/ald-2life-2023/visore_550x226.png
46.16.95.229200 OK 188 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/visore_550x226.png
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 550 x 226, 8-bit/color RGBA, non-interlaced\012- data
Size 188 kB (187819 bytes)
Hash be2eaa4e231759a88ee037eb72e4782e
748b7825ec57805e671872157a6befbc97356c46
17fd250ce68df662bfe27b1885812b574fcf9e18cc036e6d75fdbb4db7a6f0e7
GET /dem/ald-2life-2023/visore_550x226.png HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "eb447-2ddab-5f38c110029c1"
Accept-Ranges: bytes
Content-Length: 187819
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/png
esclusiva-perte.it/dem/ald-2life-2023/2_550x226.png
46.16.95.229200 OK 85 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/2_550x226.png
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 550 x 226, 8-bit/color RGBA, non-interlaced\012- data
Hash 46bd0403069d120a35198b87593fcace
504a393711d547969d755afc914c271b53cf69c3
bb9e792752464e73ccdbd1ee688aed30102ad227f884b79fa915632e0a0cf5fb
GET /dem/ald-2life-2023/2_550x226.png HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "ea5b6-14d9c-5f38c10fddfd1"
Accept-Ranges: bytes
Content-Length: 85404
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d4749a51dd329695e7a07525096f5e31
508690298abdb7381ca8144aea2f36f629420779
b3f1c4d57a89e234b9823e5f789ccc3223fd7b0e7b5cc2322b80e429eff96ee9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1619
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Last-Modified: Wed, 08 Feb 2023 19:29:22 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11001
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 19:56:21 GMT
Connection: keep-alive
cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/telepass-130.png
185.59.220.199200 OK 19 kB URL HTTP/2 cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/telepass-130.png
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type PNG image data, 260 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash fd8339c9525865697ad22d70ffe17e95
ee8898fc38fca00b4305f5df06bc4037a010a2f5
8c8ff71005b85b51b68221f7fa54d77a20f024828c37f2523cf0ad14159c1b7f
GET /dem/Telepass/2023/feb/coppia/telepass-130.png HTTP/1.1
Host: cdn.triboomedia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 18927
server: BunnyCDN-DE1-722
cdn-pullzone: 113549
cdn-uid: 3d4fb050-dd03-48b3-b835-50a6dd316dc7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
last-modified: Wed, 01 Feb 2023 11:26:26 GMT
cdn-storageserver: DE-165
cdn-fileserver: 553
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 02/01/2023 11:37:36
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 750e8038bcd17e362052396f40338f7e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
esclusiva-perte.it/dem/ald-2life-2023/sevizi_550x162.png
46.16.95.229200 OK 47 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/sevizi_550x162.png
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 550 x 162, 8-bit/color RGB, non-interlaced\012- data
Hash d26ec1737d5b12c2cb733b2639990648
91b4d23be265f377d4881eb556621f589f0baa74
bce065f4fe54b2808925de42c1cb73a3ccc9a2a89432ae6e56e5d811f08f266c
GET /dem/ald-2life-2023/sevizi_550x162.png HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "eb444-b620-5f38c10fe9769"
Accept-Ranges: bytes
Content-Length: 46624
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/png
esclusiva-perte.it/dem/ald-2life-2023/ALD_footer_IG_190x95.jpg
46.16.95.229200 OK 2.2 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/ALD_footer_IG_190x95.jpg
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x95, components 3\012- data
Hash e8432fcb2cf2920e5c7585965b728038
1609d77051f3387e477975913252055dd2795fa5
282456bc80c71f9e06062e33b24128de01f07bd1f3271c7a89dfd3870c7251a7
GET /dem/ald-2life-2023/ALD_footer_IG_190x95.jpg HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "eaa15-8b1-5f38c10fc12e1"
Accept-Ranges: bytes
Content-Length: 2225
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qYXu_I4vL00EOopA1nQcxCTMKf4nObKFk9XQozhw6FezKsfTDem3Mw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:35 GMT
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
age: 78586
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/visore_600.png
185.59.220.199200 OK 483 kB URL HTTP/2 cdn.triboomedia.it/dem/Telepass/2023/feb/coppia/visore_600.png
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type PNG image data, 600 x 638, 8-bit/color RGBA, non-interlaced\012- data
Size 483 kB (482570 bytes)
Hash f3852e2bc6d7f31e2ffdbb2e5e72b4ef
0284c11837d0ed5a9bfbc8c22b4bf9b44084cff8
bfbb8de3969892dcf20de784b4176561de6319be3461807b94c8dbbe6b400de0
GET /dem/Telepass/2023/feb/coppia/visore_600.png HTTP/1.1
Host: cdn.triboomedia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 482570
server: BunnyCDN-DE1-722
cdn-pullzone: 113549
cdn-uid: 3d4fb050-dd03-48b3-b835-50a6dd316dc7
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
last-modified: Wed, 01 Feb 2023 11:26:25 GMT
cdn-storageserver: DE-200
cdn-fileserver: 550
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 02/01/2023 11:37:36
cdn-edgestorageid: 1078
cdn-status: 200
cdn-requestid: 81374261efbda8735be24853aba6b61e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 79327
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c65144dcdaf688643761916851b151c0
1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1
974b5a62f2d051b2dd2c609f7bd08a4ef339dab0d31bccaa0f9898893c3ba6b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3379
x-amzn-requestid: 6f8c97bc-c1f9-4681-9544-f2863dc7f782
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSYH47oAMF-ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070db-4a730cd079f03c8b1cf77997;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qnk0MflT4eIxNuooDKhm0uauKq1dYj1iG9O_prtNU8c0IoAwODZxig==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 03:28:45 GMT
age: 59256
etag: "1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11001
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 19:56:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78f432fe921e092017350936e331ebef
1f7c4959ba3b162644109c32d81d8a008cb670b9
122a7eb164295eee83722d8f88f12e9499a45afcdbdcfa27ac905804ccb276d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Etag: "63e31d0f-117"
Last-Modified: Wed, 08 Feb 2023 19:33:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d4749a51dd329695e7a07525096f5e31
508690298abdb7381ca8144aea2f36f629420779
b3f1c4d57a89e234b9823e5f789ccc3223fd7b0e7b5cc2322b80e429eff96ee9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4082
Cache-Control: max-age=90008
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Etag: "63e2ab0b-1d7"
Expires: Thu, 09 Feb 2023 20:56:29 GMT
Last-Modified: Tue, 07 Feb 2023 19:48:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
esclusiva-perte.it/dem/ald-2life-2023/3_550x226.png
46.16.95.229200 OK 94 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/3_550x226.png
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 550 x 226, 8-bit/color RGBA, non-interlaced\012- data
Hash b6f68804a9b1908fea1ba0b1ad255e68
ebd2f264a48e43ee3954a91d6f15b9c3caaf652f
e08140f8f155fccea1612a52a0123de192eea4d56a04d2aa22724e02d3aa75fa
GET /dem/ald-2life-2023/3_550x226.png HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "ea663-16ded-5f38c10fdef71"
Accept-Ranges: bytes
Content-Length: 93677
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/png
href.li/?https://perfomail.it//web/atXhI.php
192.0.78.26200 OK 3.6 kB URL HTTP/2 href.li/?https://perfomail.it//web/atXhI.php
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a45c7c528984b13ea778cc8a4028d451
bcca17b4dd10320e47dcc6dcaf301b0b78a4ea20
e5cccccaec77a5d64d5238572131df48af652b4b7caffed2e0099feffc1ca045
GET /?https://perfomail.it//web/atXhI.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 298eca3ae092fd28108db52acaa59545
ee865a4919befec21c73f7a1cf0c2405c34743b7
d490b601b1dc9e89392b902b7b7376815c81019ef53ab06aa27ed563600bb1a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13371
x-amzn-requestid: 2fd56339-7b32-4058-8eea-8565cae3037c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2opoHjGoAMFsMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df54a3-5b0bd42e1e21d7d65ac7c7f1;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JsUVBJdjaEX5lknubVE44HzNtrl9gAxfQVmj1G6Wm1yaJ8gmmiOJKw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 10:47:25 GMT
age: 32936
etag: "ee865a4919befec21c73f7a1cf0c2405c34743b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-images.mailchimp.com/awesomebar-sprite.png
54.230.217.92200 OK 1.8 kB URL HTTP/1.1 cdn-images.mailchimp.com/awesomebar-sprite.png
IP 54.230.217.92:0
File type PNG image data, 32 x 360, 8-bit/color RGBA, non-interlaced\012- data
Hash 22313a9b5ebfee32f60cfca56e01ff9f
b7ade64141b739e7a1eed1ea5ee7297522f941fb
e7df3ca83c43e7c1602a5df22ce6f44135e6b06de295fd045b00a4996f745d5e
GET /awesomebar-sprite.png HTTP/1.1
Host: cdn-images.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us20.campaign-archive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1835
Connection: keep-alive
Last-Modified: Fri, 22 Jun 2012 19:56:07 GMT
x-amz-meta-s3fox-filesize: 1835
x-amz-version-id: null
x-amz-meta-s3fox-modifiedtime: 1340394950000
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 08 Feb 2023 01:40:19 GMT
ETag: "22313a9b5ebfee32f60cfca56e01ff9f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Gn05AzGlGagdR-Mfl-zUJFLTy5zGG5x4Ns1RWUwM5TwRTSuhbB9Ylw==
Age: 65763
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cf13Lp2SFHQ4SSF6_KpC4zx339tZRkMmnmF-OKM_2hbWbIoR3OLJ_g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:50:49 GMT
age: 79532
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
esclusiva-perte.it/dem/ald-2life-2023/Ready-to-Drive_550x160.png
46.16.95.229200 OK 54 kB URL HTTP/1.1 esclusiva-perte.it/dem/ald-2life-2023/Ready-to-Drive_550x160.png
IP 46.16.95.229:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 550 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash 81c820cddfa40ce3e63b4df4af4112b3
d8e1efb872f07deee29913a2778ac615d4dbf30c
afc2792737ee89309279ed9121a460c859b58764b30042b649890f3ec55b56fe
GET /dem/ald-2life-2023/Ready-to-Drive_550x160.png HTTP/1.1
Host: esclusiva-perte.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:56:21 GMT
Server: Apache
Last-Modified: Tue, 31 Jan 2023 09:36:29 GMT
ETag: "eb441-d22f-5f38c10fe0eb1"
Accept-Ranges: bytes
Content-Length: 53807
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/s/gts1d4/uDIhkgc9W0M
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/uDIhkgc9W0M
IP 142.250.74.163:0
Hash ece2c49f26d36a128c32e876b8820ee6
19326f9316e12fcd11c7ef4d1127dbec8ee24e37
a6752e8aadaa26ecc51c75aea4e7d3f9b2c1033906de0f722e829b97a26b8a67
POST /s/gts1d4/uDIhkgc9W0M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 07:27:43 GMT
age: 44918
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
perfomail.it//web/7gTzN.php
65.109.89.174200 OK 32 kB URL HTTP/2 perfomail.it//web/7gTzN.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash dbb42d88ad2e977f38f23f8644047424
da82ad235ba2a3b783d81a88be52f66f77efc54c
6e73fd609e1ec24bd272647841f6ee52e4f297986dc1980dc5ea6670ea9759a1
GET //web/7gTzN.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it//web/M5XSa.php
65.109.89.174200 OK 69 kB URL HTTP/2 perfomail.it//web/M5XSa.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash defd6a117fae6be06e01178f20d0e2b3
0685fa3ca91e05a01ee24e85cc1e46365df5041a
40806aa4e598214390364f9f9ada1305daa8ec64c9aa385077e88f7455c80ef0
GET //web/M5XSa.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it//web/qWwDm.php
65.109.89.174200 OK 8.9 kB URL HTTP/2 perfomail.it//web/qWwDm.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 7609d174be4ff2b9b8c10118023c0e63
c243d28e44b4d929e36aa126f40ee477a98b7f97
c59954401af049e12152fceea658a6f28f0df4febe6b77a9fe02cf9252c907ad
GET //web/qWwDm.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
perfomail.it//web/MzDsx.php
65.109.89.174200 OK 6.5 kB URL HTTP/2 perfomail.it//web/MzDsx.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 71c7602dddb4adeb27cd0c3348d39b9c
7867499c9ea7e18e60db8f9d1b0411de1b99fa75
c87cc718572362748c0d3e56668dd107d077bf1ecd1b0c25df97010df19ebe94
GET //web/MzDsx.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it//web/wuPei.php
65.109.89.174200 OK 8.4 kB URL HTTP/2 perfomail.it//web/wuPei.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Hash 7c83d2615c9e6cd702fb1a98a910e71a
8fb8d277ffb2196ce4245f5f0313b0645276c803
eee1c046d154969d7e6c0a2a8e3e1f04e18d0b49c0f1aebd94672ef7ceabfdc0
GET //web/wuPei.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 19:44:05 GMT
expires: Wed, 08 Feb 2023 21:44:05 GMT
cache-control: public, max-age=7200
age: 736
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/adfserve/?bn=61468253;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 679 B URL HTTP/2 track.adform.net/adfserve/?bn=61468253;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
Hash 88b708ef6b425d0f6a3893969d78f028
fca12295892a02f1ffe4dfaab3abf65145fdaac8
16db78e2c9224c6516477f08820d00763bef82d9d4897f1ed68d6c6a5ce97581
GET /adfserve/?bn=61468253;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61468253;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B29039499.355132054;dc_trk_aid=545952491;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.230200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B29039499.355132054;dc_trk_aid=545952491;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.230:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N526601.1116336GROUPMPLUS-LIGHTR/B29039499.355132054;dc_trk_aid=545952491;dc_trk_cid=81266811;site=Xaxis;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 19:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 20:11:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/trackimp/N1476871.2465109OMG_REFINEDIRECT/B29155098.355730048;dc_trk_aid=546858096;dc_trk_cid=184435859;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
216.58.207.230200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N1476871.2465109OMG_REFINEDIRECT/B29155098.355730048;dc_trk_aid=546858096;dc_trk_cid=184435859;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
IP 216.58.207.230:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N1476871.2465109OMG_REFINEDIRECT/B29155098.355730048;dc_trk_aid=546858096;dc_trk_cid=184435859;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 19:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 20:11:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60475920;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20200 OK 39 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60475920;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash cb5aa45fea457183287f28dc02e3574f
93aba85fea48037e30a6d3a38e7994f1194e6bca
c60c1e3f3da5a043d330bd6fca23387ddf30893c7a3b4fdf6c1e0d954fe91d91
GET /adfserve/?CC=1&bn=60475920;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=43428256&t=pageview&_s=1&dl=https%3A%2F%2Fperfomail.it%2F%2Fweb%2FatXhI.php&dh=.campaign-archive.com&ul=en-us&de=UTF-8&dt=Le%20tue%20news%20settimanali%20da%20Offertometro&sd=24-bit&sr=1280x1024&vp=&je=0&_u=QACAAAABAAAAAC~&jid=&gjid=&cid=1321085455.1675886237&tid=UA-329148-88&_gid=981210200.1675886237&_slc=1&z=944340171
142.250.74.110200 OK 3 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=43428256&t=pageview&_s=1&dl=https%3A%2F%2Fperfomail.it%2F%2Fweb%2FatXhI.php&dh=.campaign-archive.com&ul=en-us&de=UTF-8&dt=Le%20tue%20news%20settimanali%20da%20Offertometro&sd=24-bit&sr=1280x1024&vp=&je=0&_u=QACAAAABAAAAAC~&jid=&gjid=&cid=1321085455.1675886237&tid=UA-329148-88&_gid=981210200.1675886237&_slc=1&z=944340171
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash dec002daa3f9abe33f5ab1a61ba58e91
b286614a767c86a75059fb1d4557be706e7c3812
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
POST /j/collect?v=1&_v=j99&a=43428256&t=pageview&_s=1&dl=https%3A%2F%2Fperfomail.it%2F%2Fweb%2FatXhI.php&dh=.campaign-archive.com&ul=en-us&de=UTF-8&dt=Le%20tue%20news%20settimanali%20da%20Offertometro&sd=24-bit&sr=1280x1024&vp=&je=0&_u=QACAAAABAAAAAC~&jid=&gjid=&cid=1321085455.1675886237&tid=UA-329148-88&_gid=981210200.1675886237&_slc=1&z=944340171 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Content-Type: text/plain
Content-Length: 0
Origin: https://perfomail.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://perfomail.it
date: Wed, 08 Feb 2023 19:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track.perfoss.com/v2/open/73r2mvl0jwd225i7jb6/%7Bemail%7D
192.46.236.54200 OK 43 B URL HTTP/2 track.perfoss.com/v2/open/73r2mvl0jwd225i7jb6/%7Bemail%7D
IP 192.46.236.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /v2/open/73r2mvl0jwd225i7jb6/%7Bemail%7D HTTP/1.1
Host: track.perfoss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 19:56:20 GMT
content-type: image/gif
content-length: 43
x-powered-by: PHP/7.4.28
set-cookie: op[73r2mvl0jwd225i7jb6]=1; expires=Fri, 10-Mar-2023 19:56:21 GMT; Max-Age=2592000; path=/; secure; SameSite=None
cache-control: max-age=10
x-robots-tag: noindex
x-served-by: track.perfoss.com
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61185011;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 245 B URL HTTP/2 track.adform.net/adfserve/?bn=61185011;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
Hash 8980c218b99ce86f0991987d37ad343b
cdf29481db1dc7969522ec47773edf8eb78d2772
e498856a39a4b5a98cf601820588c90c51d75e0ad81c56665a6f69e8aec42f71
GET /adfserve/?bn=61185011;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61185011;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
perfomail.it/js/fontawesome-all.min.js
65.109.89.174200 OK 431 kB URL HTTP/2 perfomail.it/js/fontawesome-all.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
Size 431 kB (431175 bytes)
Hash 09dd31ce8cf2b59044b91eaaf6cb9f86
9bcc3a5dd8af3ad99726ba541d45db09b377b591
ea059e9c62b6931eb379a8a247c5daf680c3198ed3d1ead49f1f5e05230cb628
GET /js/fontawesome-all.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-117579"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/uDIhkgc9W0M
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/uDIhkgc9W0M
IP 142.250.74.163:0
Hash ece2c49f26d36a128c32e876b8820ee6
19326f9316e12fcd11c7ef4d1127dbec8ee24e37
a6752e8aadaa26ecc51c75aea4e7d3f9b2c1033906de0f722e829b97a26b8a67
POST /s/gts1d4/uDIhkgc9W0M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/adfserve/?bn=61260313;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 678 B URL HTTP/2 track.adform.net/adfserve/?bn=61260313;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
Hash 13a7e4bc39165677b8c37296d3405c3c
444a65c1e118592f9fd4d63e4a11cc77a2058e02
e530eb6d5854fa3872be0eb07f71235ac5737316ea483b6aab073df36ab84874
GET /adfserve/?bn=61260313;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61260313;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&gjid=885432177&_gid=981210200.1675886237&_u=YEBAAAAAAAAAAC~&z=1937304170
64.233.164.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&gjid=885432177&_gid=981210200.1675886237&_u=YEBAAAAAAAAAAC~&z=1937304170
IP 64.233.164.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&gjid=885432177&_gid=981210200.1675886237&_u=YEBAAAAAAAAAAC~&z=1937304170 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Content-Type: text/plain
Content-Length: 0
Origin: https://perfomail.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://perfomail.it
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 19:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/adfserve/?CC=1&bn=61468253;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20200 OK 541 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=61468253;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79dc482f315806329b3ec06d51dfd8c4
e254d2dd00b7aeca12c9cd10285425c81c67c9b2
55adab2d0c5dcbf0f90c94543312950d7af5abba6b77419ea29f75cd475d61a7
GET /adfserve/?CC=1&bn=61468253;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&_u=YEBAAAAAAAAAAC~&z=98727409
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&_u=YEBAAAAAAAAAAC~&z=98727409
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&_u=YEBAAAAAAAAAAC~&z=98727409 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 19:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&_u=YEBAAAAAAAAAAC~&z=98727409
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&_u=YEBAAAAAAAAAAC~&z=98727409
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-329148-88&cid=1321085455.1675886237&jid=1782009649&_u=YEBAAAAAAAAAAC~&z=98727409 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 19:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/android-30.png
104.21.39.114200 OK 954 B URL HTTP/2 www.ketchupadv.it/news/2023-02/telepassoburosso_coppia_20230201/images/android-30.png
IP 104.21.39.114:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash db996262d41f8d6994dd6a89212b1dd1
5d0000062b307d5ffca021ed1d3f12d74243ed39
a2c04ab69a566c7a2d4b3c6fadcca0334f2d3f2f9a9a52d29679aa2f20879efa
GET /news/2023-02/telepassoburosso_coppia_20230201/images/android-30.png HTTP/1.1
Host: www.ketchupadv.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/png
content-length: 954
last-modified: Wed, 01 Feb 2023 10:58:10 GMT
etag: "3ba-5f3a152eb7480"
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rgHWIGtsbzw4JJsfYys%2Fhs7YPzYNQLzBAEe9wAX7ZZqUy7RpA02SUxfhqpCHFzXiPwT6dDESsAz2RdSCuK4Mer8pB%2BJh1xLfdmY3QJqBk%2BXu%2BgN6O%2Bt%2FE3SCrEAzGtjprtLIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966ed943f990afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
performagency.it/upload/newsletter/Toyota/ToyotaFebbraio_Crea_Gamma/600x600.jpg.
178.62.120.218301 Moved Permanently 0 B URL HTTP/1.1 performagency.it/upload/newsletter/Toyota/ToyotaFebbraio_Crea_Gamma/600x600.jpg.
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /upload/newsletter/Toyota/ToyotaFebbraio_Crea_Gamma/600x600.jpg. HTTP/1.1
Host: performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://perfomail.it/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 08 Feb 2023 19:56:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.performagency.it/upload/newsletter/Toyota/ToyotaFebbraio_Crea_Gamma/600x600.jpg
www.performagency.it/upload/newsletter/Toyota/ToyotaFebbraio_Crea_Gamma/600x600.jpg
178.62.120.218200 OK 169 kB URL HTTP/1.1 www.performagency.it/upload/newsletter/Toyota/ToyotaFebbraio_Crea_Gamma/600x600.jpg
IP 178.62.120.218:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 600x600, components 3\012- data
Size 169 kB (168772 bytes)
Hash cbaaaf1be514986f8f2ef2eabdd829c4
a3c2d6aba999f5c38988481a5a8d3e7dfaaf9a2a
e0aec846bae4c84b40890f461fbce9db1fd27941c14b6a1831ea9f5a9c8d1b44
GET /upload/newsletter/Toyota/ToyotaFebbraio_Crea_Gamma/600x600.jpg HTTP/1.1
Host: www.performagency.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://perfomail.it/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 19:56:22 GMT
Content-Type: image/jpeg
Content-Length: 168772
Last-Modified: Fri, 03 Feb 2023 09:34:39 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63dcd52f-29344"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
perfomail.it/js/vendor/jquery-1.11.2.min.js
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/js/vendor/jquery-1.11.2.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /js/vendor/jquery-1.11.2.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-176bb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/Jzn41.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/Jzn41.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/Jzn41.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
perfomail.it//web/G5xjq.php
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it//web/G5xjq.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET //web/G5xjq.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/wuPei.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/wuPei.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/wuPei.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
perfomail.it/js/bootstrap-multiselect.js
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/js/bootstrap-multiselect.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /js/bootstrap-multiselect.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-fd12"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/css/bootstrap-switch.min.css
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/css/bootstrap-switch.min.css
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /css/bootstrap-switch.min.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-186f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/js/vendor/bootstrap.min.js
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/js/vendor/bootstrap.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /js/vendor/bootstrap.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-8b11"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=61451834;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20200 OK 0 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=61451834;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?CC=1&bn=61451834;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/4S7yK.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/4S7yK.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/4S7yK.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
perfomail.it//web/GtzP9.php
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it//web/GtzP9.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET //web/GtzP9.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/M5XSa.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/M5XSa.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/M5XSa.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/leo4d.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/leo4d.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/leo4d.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
perfomail.it//favicon.ico
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it//favicon.ico
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET //favicon.ico HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: image/x-icon
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-5a596"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/plugins/linkifyjs/linkify.min.js
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/plugins/linkifyjs/linkify.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /plugins/linkifyjs/linkify.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-3b5f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61260312;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61260312;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61260312;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61260312;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
perfomail.it/css/red.css
65.109.89.174200 OK 0 B IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /css/red.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-225"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/css/select2.min.css
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/css/select2.min.css
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /css/select2.min.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-3b5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/DFPTC.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/DFPTC.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/DFPTC.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/qWwDm.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/qWwDm.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/qWwDm.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=60475920;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=60475920;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=60475920;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=60475920;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
perfomail.it/css/main.css
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/css/main.css
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /css/main.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-e67"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
perfomail.it/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /js/vendor/modernizr-2.8.3-respond-1.4.2.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-4e8a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61264759;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61264759;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61264759;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61264759;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=61260313;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20200 OK 0 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=61260313;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?CC=1&bn=61260313;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/MzDsx.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/MzDsx.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/MzDsx.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
perfomail.it/js/bootstrap-switch.min.js
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/js/bootstrap-switch.min.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /js/bootstrap-switch.min.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-3d6c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61360644;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61360644;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61360644;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61360644;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/AN5tf.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/AN5tf.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/AN5tf.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61451834;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61451834;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61451834;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61451834;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
perfomail.it/css/font-awesome.min.css
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/css/font-awesome.min.css
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /css/font-awesome.min.css HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-d9c9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/7gTzN.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/7gTzN.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/7gTzN.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=61260312;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20200 OK 0 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=61260312;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?CC=1&bn=61260312;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61312422;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61312422;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61312422;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61312422;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=61360644;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20200 OK 0 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=61360644;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?CC=1&bn=61360644;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
perfomail.it/cmpgi.php
65.109.89.174200 OK 0 B IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /cmpgi.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61360536;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61360536;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61360536;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perfomail.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61360536;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
perfomail.it/js/jquery.noreferrer.js
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it/js/jquery.noreferrer.js
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET /js/jquery.noreferrer.js HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=i0vlnkhkfsb4n2v8eaft76vn1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 12:16:39 GMT
vary: Accept-Encoding
etag: W/"63a2f927-502"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61260687;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61260687;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61260687;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61260687;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
href.li/?https://perfomail.it//web/G5xjq.php
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://perfomail.it//web/G5xjq.php
IP 192.0.78.26:0
GET /?https://perfomail.it//web/G5xjq.php HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
perfomail.it//web/b9YcQ.php
65.109.89.174200 OK 0 B URL HTTP/2 perfomail.it//web/b9YcQ.php
IP 65.109.89.174:0
ASN #24940 Hetzner Online GmbH
GET //web/b9YcQ.php HTTP/1.1
Host: perfomail.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:56:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61470010;1x1inv=1;srctype=3;ord=[timestamp]
37.157.3.20302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=61470010;1x1inv=1;srctype=3;ord=[timestamp]
IP 37.157.3.20:0
GET /adfserve/?bn=61470010;1x1inv=1;srctype=3;ord=[timestamp] HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://perfomail.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 19:56:21 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61470010;1x1inv=1;srctype=3;ord=[timestamp]
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 19:56:21 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2