promo.car.to.it Open in urlscan Pro
95.110.140.142  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set 40 Show response promo.car.to.it/external/page/	111 KB 80 KB	153ms 69ms	Document text/html	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash 0c413213ae9e38dc5e401fda8b4851ade77a4a93c58c8a473002088055ca1dfd Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Host promo.car.to.it Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Server Apache/2.4.29 (Ubuntu) Cache-Control no-cache, private Set-Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; expires=Thu, 17-Jun-2021 03:01:29 GMT; Max-Age=7200; path=/ telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D; expires=Thu, 17-Jun-2021 03:01:29 GMT; Max-Age=7200; path=/; httponly Content-Security-Policy upgrade-insecure-requests Vary Accept-Encoding Content-Encoding gzip Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/	138 KB 19 KB	38ms 18ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://promo.car.to.it Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 17 Jun 2021 01:01:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617 age 4136 cdn-cachedat 2021-06-08 11:53:48 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0ab915d80000001f351e9e0000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:06 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 50030c32e219db5960ea30500ab1603b cf-ray 660858d3392f1f35-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	all.css use.fontawesome.com/releases/v5.6.3/css/	52 KB 13 KB	61ms 19ms	Stylesheet text/css	23.111.9.35 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.6.3/css/all.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a Request headers Origin https://promo.car.to.it Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 17 Jun 2021 01:01:29 GMT content-encoding gzip last-modified Thu, 20 Dec 2018 17:45:13 GMT server NetDNA-cache/2.2 etag W/"dc93d584e41f8417f6b7163320d34329" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H/1.1	200 OK	content.css promo.car.to.it/ContentBuilder/assets/minimalist-basic/	32 KB 6 KB	86ms 39ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash 11f247ac3374542b05dda93ce9dce0085e5153336c8488be29ce729541158c25 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/external/page/40?coupon=YELLOW Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/external/page/40?coupon=YELLOW User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Thu, 23 Apr 2020 10:05:56 GMT Server Apache/2.4.29 (Ubuntu) ETag "7ed5-5a3f265141896-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5518
GET H/1.1	200 OK	contentbuilder.css promo.car.to.it/ContentBuilder/contentbuilder/	31 KB 7 KB	115ms 39ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/ContentBuilder/contentbuilder/contentbuilder.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash 24e51c3637242659666657cb01ada8cca3d82b089e98c80d6a9e9bc9fe148460 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/external/page/40?coupon=YELLOW Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/external/page/40?coupon=YELLOW User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Thu, 23 Apr 2020 10:05:56 GMT Server Apache/2.4.29 (Ubuntu) ETag "7c00-5a3f26516c823-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6934
GET H2	200	css fonts.googleapis.com/	4 KB 714 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,300 Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Jun 2021 00:06:09 GMT server ESF date Thu, 17 Jun 2021 01:01:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Jun 2021 01:01:29 GMT
GET H/1.1	200 OK	website.css promo.car.to.it/css/	247 KB 40 KB	123ms 45ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/css/website.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash d6fe583bba41412b12d36fffa8d54db27cf020abac592fe98fb46e91f4e5413d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/external/page/40?coupon=YELLOW Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/external/page/40?coupon=YELLOW User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Wed, 18 Nov 2020 13:04:03 GMT Server Apache/2.4.29 (Ubuntu) ETag "3dc78-5b4613ee92293-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 40753
GET H2	200	css fonts.googleapis.com/	11 KB 945 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito:400,700%7CRoboto:300,400,500%7CMuli:300,400 Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9324f07947e5c0b8825bf60870c5e411a033883b5f034064b0b9c222af267b17 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 16 Jun 2021 23:38:13 GMT server ESF date Thu, 17 Jun 2021 01:01:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Jun 2021 01:01:29 GMT
GET H/1.1	200 OK	paypal-logo-png-27.png secure.tcserver.it/images/	31 KB 32 KB	281ms 62ms	Image image/png	212.91.72.68 ASN-ENTER
General Check archive.org Show headers Download Go to Show image Full URL https://secure.tcserver.it/images/paypal-logo-png-27.png Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.91.72.68 Milan, Italy, ASN12850 (ASN-ENTER, IT), Reverse DNS host-68-72.91-212.enter.it Software Apache / Resource Hash 8a7335a7df43ed905611db7de9162c57aad10e9fe82e756e690ba3096b642909 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Last-Modified Tue, 15 May 2018 08:48:28 GMT Server Apache X-Frame-Options SAMEORIGIN Content-Type image/png Connection close Accept-Ranges bytes Content-Length 32211
GET H/1.1	200 OK	CompareCreditCards.png secure.tcserver.it/images/	13 KB 13 KB	284ms 61ms	Image image/png	212.91.72.68 ASN-ENTER
General Check archive.org Show headers Download Go to Show image Full URL https://secure.tcserver.it/images/CompareCreditCards.png Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.91.72.68 Milan, Italy, ASN12850 (ASN-ENTER, IT), Reverse DNS host-68-72.91-212.enter.it Software Apache / Resource Hash 17fabe2d9cf5cd761cd38bd3fede40b8d976515addfbcebd9333c48e82176738 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Last-Modified Tue, 15 May 2018 08:37:07 GMT Server Apache X-Frame-Options SAMEORIGIN Content-Type image/png Connection close Accept-Ranges bytes Content-Length 13144
GET H/1.1	200 OK	onshop.png secure.tcserver.it/images/	68 KB 69 KB	285ms 62ms	Image image/png	212.91.72.68 ASN-ENTER
General Check archive.org Show headers Download Go to Show image Full URL https://secure.tcserver.it/images/onshop.png Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.91.72.68 Milan, Italy, ASN12850 (ASN-ENTER, IT), Reverse DNS host-68-72.91-212.enter.it Software Apache / Resource Hash 1c165f9f164cfdc0c030957131c38d774d3f16ff81d7e79a4f5d750d2ae90c8a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Last-Modified Wed, 03 Apr 2019 08:29:10 GMT Server Apache X-Frame-Options SAMEORIGIN Content-Type image/png Connection close Accept-Ranges bytes Content-Length 70114
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 27 KB	14ms 12ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 17 Jun 2021 01:01:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 7444150 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 27433 cf-request-id 0ab915d81e0000c29a5c1e0000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pa86NQrv%2BaNOYxBvUYeIVvqDhtOKFpSqQ56DJNheT4Nb85JhkOCBkVwOqtyYIZTtYUxzimSn5%2BH18exxYMKrdTd27gYMfYVvD0RgpYM%2F9QEfPhHwImiDDo5FnJZf9vyhS3AVEP%2FfCQdesz%2Fv3g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 660858d36e34c29a-FRA expires Tue, 07 Jun 2022 01:01:29 GMT
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/	20 KB 7 KB	35ms 19ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Origin https://promo.car.to.it Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 17 Jun 2021 01:01:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3649966 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 6451 cf-request-id 0ab915d82c00004a5beb900000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-4f71" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MUiemk9BaFAzbknTJZHiYjl56vheSLKEnXUJfBa%2FoZfLeaKy2o1BJ3rehTobC%2F78F%2BG1dRPm%2FYcEXQenS70MHL1alshM29nRb%2FyTWhNju5wdyUI9pLdWjZJCZHNJno2eRr2%2FXBHirxLhHo14CQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 660858d37b5f4a5b-FRA expires Tue, 07 Jun 2022 01:01:29 GMT
GET H3-29	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	50 KB 14 KB	27ms 17ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://promo.car.to.it Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 17 Jun 2021 01:01:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723, 718, 718 age 4134 cdn-cachedat 2021-06-08 21:25:21 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0ab915d82600004a91df0dd000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:06 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid d7202ac8710ec716d164b27cc7f622cf cf-ray 660858d37d054a91-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H/1.1	200 OK	tc_3.js Show response secure.tcserver.it/js/	7 KB 7 KB	238ms 51ms	Script text/javascript	212.91.72.68 ASN-ENTER
General Check archive.org Show headers Download Go to Full URL https://secure.tcserver.it/js/tc_3.js Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.91.72.68 Milan, Italy, ASN12850 (ASN-ENTER, IT), Reverse DNS host-68-72.91-212.enter.it Software Apache / Resource Hash 9edcd0cb305feb5b60da211dd8349cda4872113e6e301d930c902cb6bfcdb5e5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Last-Modified Wed, 10 Feb 2021 04:03:50 GMT Server Apache X-Frame-Options SAMEORIGIN Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 7049
GET H3-29	200	css fonts.googleapis.com/	8 KB 729 B	23ms 22ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,800 Requested by Host: promo.car.to.it URL: https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 211c395325a9314343b455edabe8e23f801912b04e6b8b06058492aae767e255 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 16 Jun 2021 23:38:34 GMT server ESF date Thu, 17 Jun 2021 01:01:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Jun 2021 01:01:29 GMT
GET H/1.1	200 OK	fontello.css promo.car.to.it/ContentBuilder/assets/icons/css/	3 KB 1 KB	39ms 38ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/ContentBuilder/assets/icons/css/fontello.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash 8bbb8d59997ddc21a860e0c22b16a99457f22ae614979758468faad7778ccb41 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Thu, 23 Apr 2020 10:05:56 GMT Server Apache/2.4.29 (Ubuntu) ETag "b61-5a3f26513ca74-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1051
GET H/1.1	200 OK	ionicons.min.css promo.car.to.it/ContentBuilder/assets/ionicons/css/	50 KB 9 KB	40ms 39ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/ContentBuilder/assets/ionicons/css/ionicons.min.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Thu, 23 Apr 2020 10:05:56 GMT Server Apache/2.4.29 (Ubuntu) ETag "c854-5a3f26513da14-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 8284
GET H/1.1	200 OK	bootstrap.css promo.car.to.it/ContentBuilder/assets/bootstrap/css/	170 KB 23 KB	71ms 41ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/ContentBuilder/assets/bootstrap/css/bootstrap.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash 4a64845cd000ad3810f1247a90aa723ff37e8c0f1ff2af0aa46d2a4257522a8b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/ContentBuilder/assets/minimalist-basic/content.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Thu, 23 Apr 2020 10:05:56 GMT Server Apache/2.4.29 (Ubuntu) ETag "2a61d-5a3f26512248c-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 22936
GET H/1.1	200 OK	fontello.css promo.car.to.it/ContentBuilder/contentbuilder/icons/css/	5 KB 2 KB	47ms 38ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/ContentBuilder/contentbuilder/icons/css/fontello.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/ContentBuilder/contentbuilder/contentbuilder.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash 9ea9fb7938c9d61860ac6de614367776e890a0f6d6d7b76da5ac1557dac74061 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/ContentBuilder/contentbuilder/contentbuilder.css Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/ContentBuilder/contentbuilder/contentbuilder.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Thu, 23 Apr 2020 10:05:57 GMT Server Apache/2.4.29 (Ubuntu) ETag "13ad-5a3f26517b288-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1482
GET H/1.1	200 OK	animation.css promo.car.to.it/ContentBuilder/contentbuilder/icons/css/	2 KB 659 B	49ms 38ms	Stylesheet text/css	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://promo.car.to.it/ContentBuilder/contentbuilder/icons/css/animation.css Requested by Host: promo.car.to.it URL: https://promo.car.to.it/ContentBuilder/contentbuilder/contentbuilder.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash c5221cfe37e6f0b011346164e7b3378c106807dc0d42fc0887440ab36c09e205 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://promo.car.to.it/ContentBuilder/contentbuilder/contentbuilder.css Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/ContentBuilder/contentbuilder/contentbuilder.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Content-Encoding gzip Last-Modified Thu, 23 Apr 2020 10:05:57 GMT Server Apache/2.4.29 (Ubuntu) ETag "741-5a3f26517b288-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 232
GET H/1.1	200 OK	eIeyWZPSGtpurZPCfNMhRO3EKs0wjSqzKF2WdWP4.jpeg promo.car.to.it/storage/uploads/photos/	200 KB 201 KB	39ms 38ms	Image image/jpeg	95.110.140.142 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://promo.car.to.it/storage/uploads/photos/eIeyWZPSGtpurZPCfNMhRO3EKs0wjSqzKF2WdWP4.jpeg?updated_at=1614801945 Requested by Host: promo.car.to.it URL: https://promo.car.to.it/external/page/40?coupon=YELLOW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.110.140.142 Ponte San Pietro, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS host142-140-110-95.serverdedicati.aruba.it Software Apache/2.4.29 (Ubuntu) / Resource Hash 049cf84e17ac18be410efb53efab8876530c2b6b141b8e36cb0e0b1f7fad06ad Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host promo.car.to.it Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://promo.car.to.it/external/page/40?coupon=YELLOW Cookie XSRF-TOKEN=eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D; telma_session=eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D Connection keep-alive Referer https://promo.car.to.it/external/page/40?coupon=YELLOW User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 17 Jun 2021 01:01:29 GMT Last-Modified Wed, 03 Mar 2021 20:05:45 GMT Server Apache/2.4.29 (Ubuntu) ETag "32118-5bca7605abaa0" Content-Type image/jpeg Cache-Control max-age=2592000, public Content-Security-Policy upgrade-insecure-requests Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 205080
GET DATA	200 OK	truncated /	74 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 820b1d463489849497892f59b12671c7287e32edcf32eceefbfe9d0bfede8913 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	XRXW3I6Li01BKofAjsOUYevI.woff2 fonts.gstatic.com/s/nunito/v16/	19 KB 19 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito:400,700%7CRoboto:300,400,500%7CMuli:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://promo.car.to.it Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 12 Jun 2021 08:36:44 GMT x-content-type-options nosniff age 404685 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19088 x-xss-protection 0 last-modified Wed, 25 Nov 2020 02:44:23 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jun 2022 08:36:44 GMT
GET H/1.1	200 OK	service_dynamic_coupon.cgi Show response secure.tcserver.it/cgi-bin/	34 B 270 B	424ms 237ms	XHR text/json	212.91.72.68 ASN-ENTER
General Check archive.org Show headers Download Go to Full URL https://secure.tcserver.it/cgi-bin/service_dynamic_coupon.cgi?merchant=102324&precompiled_dynamic_coupon=0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.91.72.68 Milan, Italy, ASN12850 (ASN-ENTER, IT), Reverse DNS host-68-72.91-212.enter.it Software Apache / Resource Hash 5d01a4f94c40ba1a7c5c775a2a65a97773aa960e5655aae84ce9752670fcbcfa Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-control-allow-origin * Date Thu, 17 Jun 2021 01:01:29 GMT Server Apache Connection close X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type text/json; charset=ISO-8859-1
GET H/1.1	200 OK	service_tariffa3.cgi Show response secure.tcserver.it/cgi-bin/	2 KB 3 KB	460ms 269ms	XHR text/json	212.91.72.68 ASN-ENTER
General Check archive.org Show headers Download Go to Full URL https://secure.tcserver.it/cgi-bin/service_tariffa3.cgi?merchant=102324&lng=ITA Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.91.72.68 Milan, Italy, ASN12850 (ASN-ENTER, IT), Reverse DNS host-68-72.91-212.enter.it Software Apache / Resource Hash f590d22f2928bc99bc682cb04a7151a6b41d227ce19f064c838e4b8e9806b34a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-control-allow-origin * Date Thu, 17 Jun 2021 01:01:29 GMT Server Apache Connection close X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type text/json; charset=ISO-8859-1
GET H/1.1	200 OK	service_tariffa3.cgi Show response secure.tcserver.it/cgi-bin/	2 KB 3 KB	387ms 267ms	XHR text/json	212.91.72.68 ASN-ENTER
General Check archive.org Show headers Download Go to Full URL https://secure.tcserver.it/cgi-bin/service_tariffa3.cgi?merchant=102324&lng=ITA&coupon=YELLOW&ani=&country=39 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.91.72.68 Milan, Italy, ASN12850 (ASN-ENTER, IT), Reverse DNS host-68-72.91-212.enter.it Software Apache / Resource Hash f590d22f2928bc99bc682cb04a7151a6b41d227ce19f064c838e4b8e9806b34a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://promo.car.to.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-control-allow-origin * Date Thu, 17 Jun 2021 01:01:30 GMT Server Apache Connection close X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type text/json; charset=ISO-8859-1

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap function| getParameterByName string| $coupon object| $hide_coupon object| $country object| $tel object| $disabled_tel object| $hide_confirm number| min_len_coupon number| min_len_ani function| update_tagli_on_tc_coupon function| load_tc_form function| load_tc_form_tagli function| load_tc_coupon object| obj_coupon

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			promo.car.to.it/	1970-01-19 19:04:58	Name: telma_session Value: eyJpdiI6Im83WmJKUkRXa3FEeldhVlwvU1hyQUZnPT0iLCJ2YWx1ZSI6IjBkdjZ0XC9KQXI5XC9raGN2RWZIM1ZhYnlrdW1kVHd4STB6WWVPS08zZ2tPSHlET1pyWEMyR1dKMEV1QkFsVlFhZVwvSmoxOGFTdHpudHJMUytvUE13M1FBPT0iLCJtYWMiOiJlZTEwNjFiYjU3YjE3NGZiMDA3OTNmNGUwZWFlMTFjNjI4MTdlODZmYjc3NTY1MmYyNjcyZjdjYmUyMGIzMjhlIn0%3D
			promo.car.to.it/	1970-01-19 19:04:58	Name: XSRF-TOKEN Value: eyJpdiI6IklRWU03Y1p3Mjh4ek9VWmJERUVmNXc9PSIsInZhbHVlIjoiRDdSY05EOTU4MXFCcUdkY0VHYWRhWUxUWlBGYXlXcUdrQWd2NHZTa2pYUGJjVmU3MEphZ09TYndmVkk0ZVJROUFjVDl1NERHRGI1NkhzSU9wQUZuMFE9PSIsIm1hYyI6IjkyZGVhYzY5ZWM2ZjVkZmJhYjNkMDZhMWUxZDA4NmUxNGM5YTQyYTIzOTVlYTEyODEyNGNiZjA0YmUxNDM0OTIifQ%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secure.tcserver.it/js/tc_3.js(Line 177) Message: Field Coupon Presence 1 , Precompiled Coupon :
console-api	log	URL: https://secure.tcserver.it/js/tc_3.js(Line 116) Message: tc_taglio_filter value= 1,2,3,4,5,6,7,8,9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
promo.car.to.it
secure.tcserver.it
stackpath.bootstrapcdn.com
use.fontawesome.com
212.91.72.68
23.111.9.35
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:802::200a
2a00:1450:4001:827::2003
95.110.140.142
049cf84e17ac18be410efb53efab8876530c2b6b141b8e36cb0e0b1f7fad06ad
0c413213ae9e38dc5e401fda8b4851ade77a4a93c58c8a473002088055ca1dfd
11f247ac3374542b05dda93ce9dce0085e5153336c8488be29ce729541158c25
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17fabe2d9cf5cd761cd38bd3fede40b8d976515addfbcebd9333c48e82176738
1c165f9f164cfdc0c030957131c38d774d3f16ff81d7e79a4f5d750d2ae90c8a
211c395325a9314343b455edabe8e23f801912b04e6b8b06058492aae767e255
24e51c3637242659666657cb01ada8cca3d82b089e98c80d6a9e9bc9fe148460
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4a64845cd000ad3810f1247a90aa723ff37e8c0f1ff2af0aa46d2a4257522a8b
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5d01a4f94c40ba1a7c5c775a2a65a97773aa960e5655aae84ce9752670fcbcfa
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
820b1d463489849497892f59b12671c7287e32edcf32eceefbfe9d0bfede8913
8a7335a7df43ed905611db7de9162c57aad10e9fe82e756e690ba3096b642909
8bbb8d59997ddc21a860e0c22b16a99457f22ae614979758468faad7778ccb41
9324f07947e5c0b8825bf60870c5e411a033883b5f034064b0b9c222af267b17
9ea9fb7938c9d61860ac6de614367776e890a0f6d6d7b76da5ac1557dac74061
9edcd0cb305feb5b60da211dd8349cda4872113e6e301d930c902cb6bfcdb5e5
c5221cfe37e6f0b011346164e7b3378c106807dc0d42fc0887440ab36c09e205
d6fe583bba41412b12d36fffa8d54db27cf020abac592fe98fb46e91f4e5413d
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d
f590d22f2928bc99bc682cb04a7151a6b41d227ce19f064c838e4b8e9806b34a
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e