urlscan.io logo urlscan.io
SecurityTrails logo

www.palazzodivarignana.com Open in urlscan Pro
94.245.104.73  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.palazzodivarignana.com/en-GB/
Effective URL: https://www.palazzodivarignana.com/en-GB/
Submission: On May 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 34 HTTP transactions. The main IP is 94.245.104.73, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is www.palazzodivarignana.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 29th 2019. Valid for: 3 months.
This is the only time www.palazzodivarignana.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 94.245.104.73 8075 (MICROSOFT...)
1 13.32.223.16 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.239.137.68 8075 (MICROSOFT...)
2 13.32.223.164 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 52.218.21.50 16509 (AMAZON-02)
34 10
17    94.245.104.73 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-db3-001.cloudapp.net
www.palazzodivarignana.com
secure.hoteldoor.it
wsipcountry.azurewebsites.net
1    13.32.223.16 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-16.fra56.r.cloudfront.net
widget.travelappeal.com
2    2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
2    52.239.137.68 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
hoteldoor.blob.core.windows.net
2    13.32.223.164 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-164.fra56.r.cloudfront.net
widget.travelappeal.com
1    2a00:1450:4001:824::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2a00:1450:4001:819::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
8    2a00:1450:4001:815::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    52.218.21.50 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
Domain Requested by
14 www.palazzodivarignana.com 1 redirects www.palazzodivarignana.com
ajax.googleapis.com
8 fonts.gstatic.com ajax.googleapis.com
3 widget.travelappeal.com www.palazzodivarignana.com
2 secure.hoteldoor.it www.palazzodivarignana.com
secure.hoteldoor.it
2 hoteldoor.blob.core.windows.net www.palazzodivarignana.com
2 www.gstatic.com www.palazzodivarignana.com
www.gstatic.com
1 wsipcountry.azurewebsites.net secure.hoteldoor.it
1 s3-eu-west-1.amazonaws.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com www.palazzodivarignana.com
34 10
Subject Issuer Validity Valid
palazzodivarignana.com
Let's Encrypt Authority X3		 2019-04-29 -
2019-07-28		 3 months crt.sh
*.travelappeal.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-05 -
2020-01-10		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 2		 2017-11-09 -
2019-11-09		 2 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
secure.hoteldoor.it
Let's Encrypt Authority X3		 2019-04-01 -
2019-06-30		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2018-11-08 -
2019-11-06		 a year crt.sh
*.azurewebsites.net
Microsoft IT TLS CA 4		 2017-12-17 -
2019-12-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.palazzodivarignana.com/en-GB/
Frame ID: DE2537B0430F05E9532CFE16E9E27342
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.palazzodivarignana.com/en-GB/ HTTP 301
    https://www.palazzodivarignana.com/en-GB/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^TweenMax$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

34
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

17722 kB
Transfer

19181 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.palazzodivarignana.com/en-GB/ HTTP 301
    https://www.palazzodivarignana.com/en-GB/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.palazzodivarignana.com/en-GB/
Redirect Chain
  • http://www.palazzodivarignana.com/en-GB/
  • https://www.palazzodivarignana.com/en-GB/
81 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e97cb32ad72c29d49773e502a40fb87760a4684e8c2ef9cf2ee48111147d77f2

Request headers

:method
GET
:authority
www.palazzodivarignana.com
:scheme
https
:path
/en-GB/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
ARRAffinity=01a5b65c0621a1d976c226f4e7162d9c376fb29020e806cad87f6a4ad7a873ac
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
private
content-length
29209
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=dch5yxybtch3zqntl3yyajoe; path=/; HttpOnly ht-referer=; domain=.palazzodivarignana.com; path=/
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sat, 04 May 2019 17:02:32 GMT

Redirect headers

Content-Length
164
Content-Type
text/html; charset=UTF-8
Location
https://www.palazzodivarignana.com/en-GB/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Set-Cookie
ARRAffinity=01a5b65c0621a1d976c226f4e7162d9c376fb29020e806cad87f6a4ad7a873ac;Path=/;HttpOnly;Domain=www.palazzodivarignana.com
Date
Sat, 04 May 2019 17:02:32 GMT
site.min.css
www.palazzodivarignana.com/Content/css/production/ 		71 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/Content/css/production/site.min.css?v=636904890673946533
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eeeb6d562c0bd129370960eabf8001dc1d073b3edcdfe689cab5831ab4efde58

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:32 GMT
content-encoding
gzip
last-modified
Wed, 10 Apr 2019 10:31:07 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a55fdd8188efd41:0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
15843
jquery-1.11.3.min.js
www.palazzodivarignana.com/Scripts/production/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/Scripts/production/jquery-1.11.3.min.js
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:32 GMT
content-encoding
gzip
last-modified
Wed, 29 Aug 2018 12:50:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80dde4d4963fd41:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
33406
site.min.js
www.palazzodivarignana.com/Scripts/Production/ 		318 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/Scripts/Production/site.min.js?v=636904890674446285
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
17cc97f7997da62f67b4c77d85c6fac9a9933048dfc905f46ce2b09bfe243291

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:32 GMT
content-encoding
gzip
last-modified
Wed, 10 Apr 2019 10:31:07 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"cdffe48188efd41:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
loader.js
widget.travelappeal.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.travelappeal.com/loader.js
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.16 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-16.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bda728b46630f588415128a397d8861a9eade4df0c426ab27205058c2dc19cc5

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:34 GMT
via
1.1 63db28734e1b9429c04087abd41a1692.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jul 2018 19:10:34 GMT
server
AmazonS3
etag
"7d14088d3a945f2bbbd528d7ab2032ca"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
status
200
cache-control
max-age=5
accept-ranges
bytes
content-length
4495
x-amz-cf-id
Y-YURiVGbC7EpukJRLW2hV0HW0KhcqWV30Y4kkL8e4s7DgXwJMaFhw==
loader.js
www.gstatic.com/wcm/ 		397 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a8acb724d73ae588279ecca1b04ddf7c1fd4693242785e47405807ed50c9bf64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 16:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Oct 2018 16:45:00 GMT
server
sffe
age
2434
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
274
x-xss-protection
0
expires
Sat, 04 May 2019 17:21:59 GMT
loader.gif
www.palazzodivarignana.com/Content/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palazzodivarignana.com/Content/images/loader.gif
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bfd2b8ee2bad7c2bea71fcdc30cac76e08d1074ab5856d9ba04d667057fa1f5

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:32 GMT
last-modified
Thu, 29 Mar 2018 12:51:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"598e0b55cc7d31:0"
content-type
image/gif
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
26472
truncated
/ 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b721bfad392fb0b8572c3dee65106aa0b27f07239b1236941960820fc8455362

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
sprites.png
www.palazzodivarignana.com/Content/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palazzodivarignana.com/Content/images/sprites.png
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
caf871f4f5a312efd6d375cdec35a0dc23aef3c286eea3c25dad7e87992fc14c

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:32 GMT
last-modified
Thu, 18 Apr 2019 11:05:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"88c1cf99d6f5d41:0"
content-type
image/png
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
14225
video_b.jpg
www.palazzodivarignana.com/Content/images/ 		353 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palazzodivarignana.com/Content/images/video_b.jpg
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ba71fb211b912261ce3c9d9a2ceb7101b4a4e38b2f7b68dce760b9ebdc1a7e33

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:32 GMT
last-modified
Thu, 29 Mar 2018 12:51:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8637e6b55cc7d31:0"
content-type
image/jpeg
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
361035
palazzodivarignana_homepage.mp4
hoteldoor.blob.core.windows.net/asset-70a45687-cb6a-4f42-852e-88e8124cc62a/ 		896 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://hoteldoor.blob.core.windows.net/asset-70a45687-cb6a-4f42-852e-88e8124cc62a/palazzodivarignana_homepage.mp4?sv=2017-04-17&sr=c&si=11035aec-7265-4d51-9e18-ad55331ff793&sig=%2FDQBO5kz3x5IfmnR%2Fy1mMoaBwGJfe7LP82dce26mfQg%3D&se=2119-02-25T15%3A50%3A05Z
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 04 May 2019 17:02:32 GMT
Last-Modified
Mon, 25 Feb 2019 15:49:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D69B38DF02D1C0"
x-ms-server-encrypted
true
x-ms-blob-content-md5
UJD0hjaU6Ip1FrTb7PgxJw==
Content-Type
video/mp4
Content-Range
bytes 0-18096639/18096640
x-ms-request-id
f6f6a135-c01e-009f-239b-024e6c000000
x-ms-version
2017-04-17
Accept-Ranges
bytes
Content-Length
18096640
x-ms-lease-state
available
impl-1_31.js
www.gstatic.com/wcm/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/impl-1_31.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a7270152c4aeda08b74c5adccd10e8dd2769d47fd98a924ba3c4b0e48b7e7a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 02:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Sep 2018 20:15:00 GMT
server
sffe
age
4890613
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
12086
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 02:32:20 GMT
1fedfb6e0fdac928f4f8124b82276fbf7a9303a5117a9ac42a871033efc72f40
widget.travelappeal.com/data/ 		892 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.travelappeal.com/data/1fedfb6e0fdac928f4f8124b82276fbf7a9303a5117a9ac42a871033efc72f40
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/Scripts/production/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.164 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-164.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f38a50917845d15f7fa6a1e27ec3eb5019a9bccdac0ecbc1556fbb0b68bcf14a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.palazzodivarignana.com/en-GB/
Origin
https://www.palazzodivarignana.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 12:20:10 GMT
via
1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2019 00:13:26 GMT
server
AmazonS3
status
200
etag
"97a7ace2beb2e62d0a1d01595df27a0e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
892
x-amz-cf-id
P1jdZiBgENOCuEfpesD8u9HoF84iui6p3rQFlDAl3Fh2aD0tfcFFaQ==
svg.svg
www.palazzodivarignana.com/Content/images/svg/production/ 		41 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/Content/images/svg/production/svg.svg
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/Scripts/production/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2db5c671240e252b93f3d7a7ffc17278fb5b615541e3e3be5b232eef59757cd6

Request headers

Accept
*/*
Referer
https://www.palazzodivarignana.com/en-GB/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:33 GMT
content-encoding
gzip
etag
"8027a18188efd41:0"
last-modified
Wed, 10 Apr 2019 10:31:07 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
13877
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.7/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 03:30:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4887110
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
6756
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 03:30:43 GMT
brg_service.js
secure.hoteldoor.it/Scripts/ViewSpecific/WebMarketingRules/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.hoteldoor.it/Scripts/ViewSpecific/WebMarketingRules/brg_service.js
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/en-GB/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c73d404452768387a4dd07650728779a34453160c2e67ce3611f4cb48434e73

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 04 May 2019 17:02:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Feb 2019 17:00:56 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0d4f2b06bfd41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
access-control-allow-origin
*
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
access-control-allow-headers
content-type
Content-Length
10198
3.html
widget.travelappeal.com/ 		21 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.travelappeal.com/3.html?1
Requested by
Host: www.palazzodivarignana.com
URL: https://www.palazzodivarignana.com/Scripts/production/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.164 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-164.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7216135914de7b342c1909132a9e39c3602f15c6a9951c72f99bbd15adf4a24b

Request headers

Accept
*/*
Referer
https://www.palazzodivarignana.com/en-GB/
Origin
https://www.palazzodivarignana.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 07:40:43 GMT
via
1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jul 2018 19:10:38 GMT
server
AmazonS3
status
200
etag
"40573b2e116faea5020908f3838962eb"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=5
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
21606
x-amz-cf-id
Xd_buJy32gXgoqPwXvtlVbR-JTtNOFAZGZRFgKq3EvyBlJm811FhUw==
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0a074bb71839592f86e8d88aecb5e9c0f83d33b33d5bf6468b8fa881acd1a553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 04 May 2019 17:02:34 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 04 May 2019 17:02:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sat, 04 May 2019 17:02:34 GMT
fonts.min.css
www.palazzodivarignana.com/Content/css/production/ 		896 B
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/Content/css/production/fonts.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1714650ec5ddae2d2de1943209c43e6bec8946af24b87de8ce13158d5f7bd9e8

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 04 May 2019 17:02:33 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 11:50:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"b5fa8eae92ced41:0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
373
5aUz9_-1phKLFgshYDvh6Vwt7VptvWdUhm8.woff2
fonts.gstatic.com/s/alegreyasans/v9/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alegreyasans/v9/5aUz9_-1phKLFgshYDvh6Vwt7VptvWdUhm8.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a34b38515bf44d4bc80c18f63e05e4de2c3df0460a83d245bdc5333d57e1718f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Sat, 09 Mar 2019 01:20:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:53:30 GMT
server
sffe
age
4894926
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14020
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 01:20:28 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:29 GMT
server
sffe
age
3444181
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:33 GMT
5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2i0VBuxM.woff2
fonts.gstatic.com/s/alegreyasans/v9/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alegreyasans/v9/5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2i0VBuxM.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
11cd23393ed7cfcb58423194e69189dffa58575c565a2f19a357729e9ef229de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Wed, 01 May 2019 13:18:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:52:52 GMT
server
sffe
age
272627
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14080
x-xss-protection
0
expires
Thu, 30 Apr 2020 13:18:47 GMT
wEO_EBrAnc9BLjLQAUk1VvoK_kgXiQ.woff2
fonts.gstatic.com/s/courgette/v6/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/courgette/v6/wEO_EBrAnc9BLjLQAUk1VvoK_kgXiQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4d72fce6de25ddf303366a118d8dadef432d03b9f5c38a3205bc0e6fb2799fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Sat, 09 Mar 2019 21:07:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:38:03 GMT
server
sffe
age
4823679
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18308
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 21:07:55 GMT
playfairdisplay-regular.ttf
www.palazzodivarignana.com/Content/css/fonts/ 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/Content/css/fonts/playfairdisplay-regular.ttf
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
93496f6dfb4273e5a5ffe6d25ca6855e98b0d7ea6a729c4225ade32f0329291e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.palazzodivarignana.com/Content/css/production/fonts.min.css
Origin
https://www.palazzodivarignana.com

Response headers

date
Sat, 04 May 2019 17:02:33 GMT
last-modified
Thu, 29 Mar 2018 12:51:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"d52edcb55cc7d31:0"
content-type
application/x-font-ttf
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
100000
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v47/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v47/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Tue, 26 Mar 2019 18:19:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Mar 2019 18:13:56 GMT
server
sffe
age
3364965
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
60840
x-xss-protection
0
expires
Wed, 25 Mar 2020 18:19:49 GMT
5aUu9_-1phKLFgshYDvh6Vwt5eFIqEp2i0VBuxM.woff2
fonts.gstatic.com/s/alegreyasans/v9/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alegreyasans/v9/5aUu9_-1phKLFgshYDvh6Vwt5eFIqEp2i0VBuxM.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c07193bc23c8c932dc948dc4e8ec8469f672bd73130f6da73f8f1e5766ed61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Sat, 09 Mar 2019 05:14:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:52:26 GMT
server
sffe
age
4880867
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14048
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 05:14:47 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Mon, 25 Mar 2019 20:20:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:28 GMT
server
sffe
age
3444139
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:15 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Courgette%7CMaterial+Icons%7CAlegreya+Sans:300,400,700%7COpen+Sans:300,400,700
Origin
https://www.palazzodivarignana.com

Response headers

date
Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:28 GMT
server
sffe
age
3444181
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:33 GMT
slick.woff
www.palazzodivarignana.com/Content/css/fonts/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/Content/css/fonts/slick.woff
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.palazzodivarignana.com/Content/css/production/fonts.min.css
Origin
https://www.palazzodivarignana.com

Response headers

date
Sat, 04 May 2019 17:02:33 GMT
last-modified
Wed, 29 Aug 2018 12:50:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"b945f3d4963fd41:0"
content-type
application/x-font-woff
status
200
cache-control
public,max-age=2592000
accept-ranges
bytes
content-length
1380
certified_by.png
s3-eu-west-1.amazonaws.com/widget.travelappeal.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/widget.travelappeal.com/certified_by.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.21.50 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
784825bd2684934082b53cc648e73a22aef1d95db8452eef3b8cea1f475e4d73

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 04 May 2019 17:02:35 GMT
Last-Modified
Fri, 23 Feb 2018 18:14:34 GMT
Server
AmazonS3
x-amz-request-id
90B6B13212C5DB53
ETag
"ab0acb9b2922ebcb7ceae16d252b8d87"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1312
x-amz-id-2
ob8yBx64B79GPPNNelBJv5x5vp3B1wiV/O2UONHD+icy1Z24Brpu554iL8fm42l2xBOvsCTRug0=
CircularStd-Bold.otf
www.palazzodivarignana.com/en-GB/assets/fonts/circular-std-book/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/en-GB/assets/fonts/circular-std-book/CircularStd-Bold.otf
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.palazzodivarignana.com/en-GB/
Origin
https://www.palazzodivarignana.com

Response headers

date
Sat, 04 May 2019 17:02:33 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
status
404
cache-control
private
content-length
647
CircularStd-Medium.otf
www.palazzodivarignana.com/en-GB/assets/fonts/circular-std-book/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.palazzodivarignana.com/en-GB/assets/fonts/circular-std-book/CircularStd-Medium.otf
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.palazzodivarignana.com/en-GB/
Origin
https://www.palazzodivarignana.com

Response headers

date
Sat, 04 May 2019 17:02:33 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
status
404
cache-control
private
content-length
647
/
wsipcountry.azurewebsites.net/GeoLoc.svc/ 		220 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wsipcountry.azurewebsites.net/GeoLoc.svc/
Requested by
Host: secure.hoteldoor.it
URL: https://secure.hoteldoor.it/Scripts/ViewSpecific/WebMarketingRules/brg_service.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
825ca9d76026ee20f721a39197b084ce90ef8baa93e80e0d61aca8229b170cd4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.palazzodivarignana.com/en-GB/
Origin
https://www.palazzodivarignana.com

Response headers

Date
Sat, 04 May 2019 17:02:34 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
284
palazzodivarignana_homepage.mp4
hoteldoor.blob.core.windows.net/asset-70a45687-cb6a-4f42-852e-88e8124cc62a/ 		16 MB
16 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://hoteldoor.blob.core.windows.net/asset-70a45687-cb6a-4f42-852e-88e8124cc62a/palazzodivarignana_homepage.mp4?sv=2017-04-17&sr=c&si=11035aec-7265-4d51-9e18-ad55331ff793&sig=%2FDQBO5kz3x5IfmnR%2Fy1mMoaBwGJfe7LP82dce26mfQg%3D&se=2119-02-25T15%3A50%3A05Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://www.palazzodivarignana.com/en-GB/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=917504-

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 04 May 2019 17:02:33 GMT
Last-Modified
Mon, 25 Feb 2019 15:49:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D69B38DF02D1C0"
x-ms-server-encrypted
true
x-ms-blob-content-md5
UJD0hjaU6Ip1FrTb7PgxJw==
Content-Type
video/mp4
Content-Range
bytes 917504-18096639/18096640
x-ms-request-id
6b75bad1-201e-0174-129b-02f6c5000000
x-ms-version
2017-04-17
Accept-Ranges
bytes
Content-Length
17179136
x-ms-lease-state
available
GetJsonRules
secure.hoteldoor.it/WebMarketingRules/ 		135 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.hoteldoor.it/WebMarketingRules/GetJsonRules?groupID=1130
Requested by
Host: secure.hoteldoor.it
URL: https://secure.hoteldoor.it/Scripts/ViewSpecific/WebMarketingRules/brg_service.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.245.104.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-db3-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
97d042c903be948f2ec43d145c5b1e189d093d428f9c8e3a60d95328301073fa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.palazzodivarignana.com/en-GB/
Origin
https://www.palazzodivarignana.com

Response headers

Date
Sat, 04 May 2019 17:02:34 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
access-control-allow-origin
*
Cache-Control
private
access-control-allow-headers
content-type
Content-Length
29400
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| _googWcmImpl string| _googWcmAk function| _googWcmGet function| _loadAnalytics function| _googWccDebug function| _loadAS function| $ function| jQuery function| mapV1 function| mapV2 function| getCookie_zxcvbnm function| checkCookie_zxcvbnm function| isIta_zxcvbnm function| getPrivacyUrl_zxcvbnm function| addEvent function| loadSVG function| hashScroll function| removeHash function| InitSlick function| onArticleCallComplete function| initDatepickerLanguages function| initModule function| toggle_menu object| _gsScope object| localCache object| lazySizesConfig object| lazySizes object| jQuery1113022446624352669842 object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| NiceScroll object| FX string| cName object| pCOOKIES number| bb object| NmeVal object| q object| patt object| res boolean| Ba object| webfont object| WebFont number| timer number| serviceCheck object| jsonCondition number| groupId string| nation object| _brg_service function| startServiceCheck function| stopServiceCheck function| serviceInitialize function| checkRulesWM function| checkSubConditionFrequency function| checkFrequencyForParallelCondition function| checkNumOfVisitCondition function| checkIfuserHasVisitedNTimes function| checkIfuserHasVisitedNPages function| checkIfuserHasVisitedThisCondition function| checkIfIsFirstTime function| startAction function| checkDateWM function| normalizeData function| normalizeDataWithHours function| getCurrentData function| getCurrentDataWithHours function| checkSubConditionDevice function| checkSubCondition function| checkRegularExp function| goActionWM function| checkIsMobileWM function| createModalContainer function| openModalWM function| positionModalContainer function| transformStringToHtmlElement function| createDivElement function| getWindowWidth function| getWindowHeight function| getPropertiesForAnimation function| show function| hide function| getCookieWM function| setCookieWM function| setExpirationWM number| id object| nationResult object| rules string| conditionType object| whatArray

3 Cookies

Domain/Path Name / Value
.palazzodivarignana.com/ Name: ht-referer
Value:
www.palazzodivarignana.com/ Name: ASP.NET_SessionId
Value: dch5yxybtch3zqntl3yyajoe
.www.palazzodivarignana.com/ Name: ARRAffinity
Value: 01a5b65c0621a1d976c226f4e7162d9c376fb29020e806cad87f6a4ad7a873ac

6 Console Messages

Source Level URL
Text
console-api log URL: https://widget.travelappeal.com/loader.js(Line 1)
Message:
Param show-website-link not found using data
console-api log URL: https://widget.travelappeal.com/loader.js(Line 1)
Message:
Param at not found using data
console-api log URL: https://widget.travelappeal.com/loader.js(Line 1)
Message:
Param my not found using data
console-api log URL: https://widget.travelappeal.com/loader.js(Line 1)
Message:
Param add-negative-cluster not found using data
console-api log URL: https://widget.travelappeal.com/loader.js(Line 1)
Message:
Param position not found using data
console-api log URL: https://widget.travelappeal.com/loader.js(Line 1)
Message:
Param lang not found using data

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
hoteldoor.blob.core.windows.net
s3-eu-west-1.amazonaws.com
secure.hoteldoor.it
widget.travelappeal.com
wsipcountry.azurewebsites.net
www.gstatic.com
www.palazzodivarignana.com
13.32.223.16
13.32.223.164
2a00:1450:4001:815::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:824::200a
52.218.21.50
52.239.137.68
94.245.104.73
0a074bb71839592f86e8d88aecb5e9c0f83d33b33d5bf6468b8fa881acd1a553
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
11cd23393ed7cfcb58423194e69189dffa58575c565a2f19a357729e9ef229de
1714650ec5ddae2d2de1943209c43e6bec8946af24b87de8ce13158d5f7bd9e8
17cc97f7997da62f67b4c77d85c6fac9a9933048dfc905f46ce2b09bfe243291
1bfd2b8ee2bad7c2bea71fcdc30cac76e08d1074ab5856d9ba04d667057fa1f5
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2db5c671240e252b93f3d7a7ffc17278fb5b615541e3e3be5b232eef59757cd6
4d72fce6de25ddf303366a118d8dadef432d03b9f5c38a3205bc0e6fb2799fe8
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
7216135914de7b342c1909132a9e39c3602f15c6a9951c72f99bbd15adf4a24b
784825bd2684934082b53cc648e73a22aef1d95db8452eef3b8cea1f475e4d73
825ca9d76026ee20f721a39197b084ce90ef8baa93e80e0d61aca8229b170cd4
93496f6dfb4273e5a5ffe6d25ca6855e98b0d7ea6a729c4225ade32f0329291e
97d042c903be948f2ec43d145c5b1e189d093d428f9c8e3a60d95328301073fa
9c73d404452768387a4dd07650728779a34453160c2e67ce3611f4cb48434e73
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a34b38515bf44d4bc80c18f63e05e4de2c3df0460a83d245bdc5333d57e1718f
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a7270152c4aeda08b74c5adccd10e8dd2769d47fd98a924ba3c4b0e48b7e7a60
a8acb724d73ae588279ecca1b04ddf7c1fd4693242785e47405807ed50c9bf64
b721bfad392fb0b8572c3dee65106aa0b27f07239b1236941960820fc8455362
ba71fb211b912261ce3c9d9a2ceb7101b4a4e38b2f7b68dce760b9ebdc1a7e33
bda728b46630f588415128a397d8861a9eade4df0c426ab27205058c2dc19cc5
c07193bc23c8c932dc948dc4e8ec8469f672bd73130f6da73f8f1e5766ed61b3
caf871f4f5a312efd6d375cdec35a0dc23aef3c286eea3c25dad7e87992fc14c
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
e97cb32ad72c29d49773e502a40fb87760a4684e8c2ef9cf2ee48111147d77f2
eeeb6d562c0bd129370960eabf8001dc1d073b3edcdfe689cab5831ab4efde58
f38a50917845d15f7fa6a1e27ec3eb5019a9bccdac0ecbc1556fbb0b68bcf14a