Report - www.onrunningitalia.net/

Report Overview

Submitted URL
www.onrunningitalia.net/
IP
196.196.208.190
ASN
#58065 Orion Network Limited
Submitted
2024-04-18 13:30:31
Access
public
Website Title
On Running Italia | On running uomo | Rompi le barriere
Final URL
www.onrunningitalia.net/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
86

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.onrunningitalia.net	unknown	unknown	No data	No data	24 kB	14 MB	196.196.208.190
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	5.3 kB	74 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	535 B	8.8 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed
2024-04-18	medium	onrunningitalia.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.onrunningitalia.net/	158 B	2023-03-07	2024-04-29
Pretty URL www.onrunningitalia.net/ IP 196.196.208.190 ASN #58065 Orion Network Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:18:35 Last Seen2024-04-29 10:46:34 Times Seen406 Hash f898517faa32a1d50013fd8b9ab2aaa7 eaeadc084111ee29bc6e1c05e35cfb8a237cbf5f 828a54afa9f3f8d83b680f98ab03887c8fb7999d5eece48e4c7cb3a4842a03d9 Loading...

	www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_extend.js	641 B	2023-07-04	2024-04-27
Pretty URL www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_extend.js IP 196.196.208.190 ASN #58065 Orion Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-04 01:52:25 Last Seen2024-04-27 01:00:51 Times Seen69 Hash 3bb18f39e30a3049535f9b3fc6fdf9af 8a392a36689b7e763f71899673e2a58855ecb673 d23dc0c134e6b6c3e504f45e55a3bd6931051c3716e13bedb0490e0ba4a94d63 Loading...

	unknown	37 B	2023-05-10	2024-04-27
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-10 05:59:15 Last Seen2024-04-27 01:00:50 Times Seen145 Hash 2ae35f23e69e0ebd06359dfbe0c5ce31 956b0ffc3c2eb6d3eeb8186f1d28a53d75d70506 8aade99f8e2e9831797b6836d32508679ccc13b2f63af0ca0015137690516e73 Loading...

	www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_zmain.js	54 kB	2024-04-18	2024-04-18
Pretty URL www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_zmain.js IP 196.196.208.190 ASN #58065 Orion Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 15:30:39 Last Seen2024-04-18 15:30:40 Times Seen2 Hash eda7b302224f5e5b860224cc6e189e53 d226a3e8c58bc44b2af548fc2179617104e132c8 92d547218bb99d8e8c5c4ee9c5a18a0dba2ac8c684df085db6ee83531caaec4c Loading...

	www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jquery.min.js	90 kB	2023-03-07	2024-05-01
Pretty URL www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jquery.min.js IP 196.196.208.190 ASN #58065 Orion Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-01 15:26:42 Times Seen264303 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_cookies.js	745 B	2023-03-07	2024-04-29
Pretty URL www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_cookies.js IP 196.196.208.190 ASN #58065 Orion Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:35 Last Seen2024-04-29 10:46:35 Times Seen736 Hash 65807f4bee7bcb4f6af769919ee805d3 c75e394f474f9238cb539f8b7ef9708cc083eff2 6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598 Loading...

	www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_plugins.js	273 kB	2023-03-08	2024-04-29
Pretty URL www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_plugins.js IP 196.196.208.190 ASN #58065 Orion Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:00:23 Last Seen2024-04-29 04:28:40 Times Seen381 Hash 61bced23c3ca3a6b3623097507a8e2e4 fa6e156543aee6ad5fd3f14799140842880142aa 1736d465416b468d9836583f60c9a3165138120678649560a81f6365378a2743 Loading...

HTTP Transactions (55)

URL IP Response Size

www.onrunningitalia.net/

196.196.208.190

8.2 kB

URL
www.onrunningitalia.net/
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2479), with CRLF, LF line terminators
Size
8.2 kB (8152 bytes)
Hash
857cd1226e92b88d152e124cb7ce32be
7ea74b5a01bd4eb252ccfddcb690b3034ae29db4
b2e6644581bf032bc767b981e8b18a1513067abc0cd280363407846f9caf0c6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=1h2407ur01j9j6unpchlb3u5uc; path=/; domain=.www.onrunningitalia.net; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8152
content-type: text/html; charset=utf-8
date: Thu, 18 Apr 2024 13:30:28 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/css/style_zp.css

196.196.208.190

200 OK

4.2 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/css/style_zp.css
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
4.2 kB (4163 bytes)
Hash
a3054a2a74ad5852f08a671f18548588
65ec94e5feb6abc0a2b038d35fa99ed4bd452f2d
0797a0d6bbe0928d5d0afc87e4b8d2a7ad9092de369ae2b51ab1f67638f89c51

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/css/style_zp.css HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:53:12 GMT
accept-ranges: bytes
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 14:30:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4163
content-type: text/css
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/css/style_zo.css

196.196.208.190

28 kB

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/css/style_zo.css
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
assembler source, ASCII text, with very long lines (533)
Size
28 kB (28025 bytes)
Hash
3f190e5da46e91b4fca585e3a69f999d
f5f08c2ddb3c92b604745a343aff9807643a15bd
eb08e81c2921cfc76593f75dde117649f00da1ac31e4d4c4e6d250f51c6b0f1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/css/style_zo.css HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:53:12 GMT
accept-ranges: bytes
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 14:30:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 28025
content-type: text/css
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/css/stylesheet.css

196.196.208.190

200 OK

12 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/css/stylesheet.css
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (349)
Size
12 kB (11527 bytes)
Hash
a8f055e635b2f4e97068c94fea90e872
d523dabd5c07f52b66dd135f49092416ecc82133
9697d609d7172499c32ce78d057ffa91dc6982af27692c1faf5753efffc17b27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/css/stylesheet.css HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:53:10 GMT
accept-ranges: bytes
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 14:30:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11527
content-type: text/css
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/css/style_plugins.css

196.196.208.190

38 kB

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/css/style_plugins.css
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
Unicode text, UTF-8 text, with very long lines (64833)
Size
38 kB (37634 bytes)
Hash
7d9aeebd62184af9c11cb5b25c7bf560
3465668fd36820d8038901a2a416e5b7c717dc9f
f3c76228bbc9e8f4910d8149b554fe50038eb1ab8feaf43afe2061ef69949893

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/css/style_plugins.css HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:53:12 GMT
accept-ranges: bytes
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 14:30:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 37634
content-type: text/css
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/subject1.jpg

196.196.208.190

200 OK

37 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/subject1.jpg
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x800, components 3
Size
37 kB (37216 bytes)
Hash
a8723ecb1cc2ababe27a378c755c6abf
136e0f82f4ec4e69d8f4f6b1929d6be0e9c091d7
d2f38856d71bf59e3b2e9dda9a64cde87f53a7fb243fe69f59ce957784d590af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/on-running/subject1.jpg HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 37216
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 13:30:29 GMT
content-type: image/jpeg
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/loader.gif

196.196.208.190

200 OK

35 kB

URL GET HTTP/2
www.onrunningitalia.net/images/loader.gif
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 128 x 38
Size
35 kB (35011 bytes)
Hash
362e988184d842aea3a0b5d09a64d13e
e4ab705fb063ffd2645ce8a25e59e889e98f211c
82656f23517068a7b3d92badc8c29716e53654cd2574d330b08823ca7f7b8fa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loader.gif HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 35011
cache-control: max-age=864000, public, must-revalidate
content-type: image/gif
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/subject2.jpg

196.196.208.190

50 kB

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/subject2.jpg
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x800, components 3
Size
50 kB (50282 bytes)
Hash
5510281988c53be40e898cfe273d4c97
83686993f24ab9b5bc9590434fce5f1bce38a48e
284f4eaf716670e956d883db439c5a8155cc5b2f0d6cbbce0b60217554499089

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/on-running/subject2.jpg HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 50282
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 13:30:29 GMT
content-type: image/jpeg
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/arrow.svg

196.196.208.190

191 B

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/arrow.svg
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
SVG Scalable Vector Graphics image
Size
191 B (191 bytes)
Hash
193d5a23fcf343ca01c2aeb6284f20f9
59b60f6f7f655702ec06dc7cf8e147a70844e9dc
c88c283793ba19cb32cf8ebfbc1d3ab4d03e9669e7b6185e5f800065680aab4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/on-running/arrow.svg HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 191
content-type: image/svg+xml
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/logo.svg

196.196.208.190

728 B

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/images/logo.svg
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
SVG Scalable Vector Graphics image
Size
728 B (728 bytes)
Hash
9f11b0c40efe199746f3fcb4ad70ce0c
4a781015bc28c4fffc41c8e5131f0fbaf5c1c9a7
d0f44d8d43882cae901bf6d9155355ed146b364a45c869660de1c2dad2680b7f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/logo.svg HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 728
content-type: image/svg+xml
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/subject3.jpg

196.196.208.190

200 OK

31 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/subject3.jpg
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 600x800, components 3
Size
31 kB (30932 bytes)
Hash
33b5766de56ecf1e09c46e8c03898c21
3797a51b49514e4bcbbb0311293ebcd9a840c7e9
550ea191ba8596ca9965488d6001c79b388d1ed1b794ab640e154f84ae23a713

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/on-running/subject3.jpg HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 30932
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 13:30:29 GMT
content-type: image/jpeg
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/payment.png

196.196.208.190

200 OK

6.2 kB

URL GET HTTP/2
www.onrunningitalia.net/images/payment.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced
Size
6.2 kB (6248 bytes)
Hash
1fb5f66cada185d72ccefaeb9e9a2963
584108601272e3ed07abe10b4c3ca2f6b200d552
ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/payment.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 6248
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_cookies.js

196.196.208.190

200 OK

430 B

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_cookies.js
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (745), with no line terminators
Size
430 B (430 bytes)
Hash
65807f4bee7bcb4f6af769919ee805d3
c75e394f474f9238cb539f8b7ef9708cc083eff2
6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/jscript/jscript_cookies.js HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:55:22 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 430
content-type: application/javascript
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_extend.js

196.196.208.190

311 B

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_extend.js
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
311 B (311 bytes)
Hash
3bb18f39e30a3049535f9b3fc6fdf9af
8a392a36689b7e763f71899673e2a58855ecb673
d23dc0c134e6b6c3e504f45e55a3bd6931051c3716e13bedb0490e0ba4a94d63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/jscript/jscript_extend.js HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:55:22 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 311
content-type: application/javascript
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jquery.min.js

196.196.208.190

31 kB

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jquery.min.js
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30902 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/jscript/jquery.min.js HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:55:22 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 30902
content-type: application/javascript
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_zmain.js

196.196.208.190

8.3 kB

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_zmain.js
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
JavaScript source, ASCII text, with very long lines (528)
Size
8.3 kB (8283 bytes)
Hash
eda7b302224f5e5b860224cc6e189e53
d226a3e8c58bc44b2af548fc2179617104e132c8
92d547218bb99d8e8c5c4ee9c5a18a0dba2ac8c684df085db6ee83531caaec4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/jscript/jscript_zmain.js HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:55:26 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8283
content-type: application/javascript
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N350_bianco_chambray.png

196.196.208.190

316 kB

URL
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N350_bianco_chambray.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
316 kB (315493 bytes)
Hash
26f0c77cce3af5890eaf20c117a1e6d9
28d6e452967357bfa99789e625d7711979333035
2986267b39473e8eadb5fba58f10484e43a9c415e6b37c4098a286eb81a7ade8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N350_bianco_chambray.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 315493
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N358_tutto_bianco.png

196.196.208.190

200 OK

329 kB

URL GET HTTP/2
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N358_tutto_bianco.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
329 kB (328876 bytes)
Hash
9ffe5148142b4456ea6c6475a07d1ba4
6d5a679cf7f81e26e5a7092613edc15a43be062e
584365ccc5c6d117a599a4c358f7479f860a778e6fcfa9ba8cff8d270e7e9da2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N358_tutto_bianco.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 328876
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N356_tutto_nero.png

196.196.208.190

200 OK

336 kB

URL GET HTTP/2
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N356_tutto_nero.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
336 kB (336150 bytes)
Hash
5a2d954781e31410858b77342da832d6
98bb67a9732d01184b81a2564bd5677f7814de35
30fd57702c9a713e85bb2f1217bc703065f34de9ae1a18383ff344130dd4b735

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N356_tutto_nero.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 336150
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N352_ghiaccio_bianco.png

196.196.208.190

405 kB

URL
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N352_ghiaccio_bianco.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
405 kB (405289 bytes)
Hash
a892bd05a074346d6aefed8a7f85a04e
3df31255cc0959b26154676e1fe85b25a43e8821
522f21c42ca638470615e11238be3459d05a242b5c56437e1b9fad2571a0eed0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N352_ghiaccio_bianco.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 405289
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N354_nero_bianco.png

196.196.208.190

200 OK

377 kB

URL GET HTTP/2
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N354_nero_bianco.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
377 kB (376818 bytes)
Hash
8a1c3b6ba0cc8966b8a6efe0bbeb446b
d173b74c80b63074d9c7a8063cad27f6031ae750
340432f21f04b9de489997ffdcc0bc1189ab52cce3392ab8323d4261ab458240

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N354_nero_bianco.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 376818
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N351_magnete_surf.png

196.196.208.190

200 OK

378 kB

URL GET HTTP/2
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N351_magnete_surf.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
378 kB (377919 bytes)
Hash
12773e02944dcfdebdb82a4642da5f54
7f7e564497a092c2c069a8a82b6d09318940aee7
f69da5eb5a491a4e3dee30854eb10d2bd10d31da33b9602085aad7befb045396

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N351_magnete_surf.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 377919
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N353_bianco_perla.png

196.196.208.190

444 kB

URL
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N353_bianco_perla.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
444 kB (443870 bytes)
Hash
6956ef185a8c4e23326cd3ce56be114c
f068b9d61846deb7d1f24bca705d035a374ea2bd
fd17e6d80076abb716fced8d6ee0e173116b72ecebed497d390e9e6c261fee87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N353_bianco_perla.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 443870
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/cloudventure/On_Running_donne_picco_di_cloudventure_TX486N502_bianco_foglia.png

196.196.208.190

200 OK

298 kB

URL GET HTTP/2
www.onrunningitalia.net/images/donne/scarpe/cloudventure/On_Running_donne_picco_di_cloudventure_TX486N502_bianco_foglia.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
298 kB (297862 bytes)
Hash
996af5747f4b1db89e1cf01f816815a1
07de41b5e19e7eebf7be4fa90de68d804f6c4ee1
9bf454eb1649c42089e468ba69e96dbe57e29631c8450c2fc77d313a259742ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/cloudventure/On_Running_donne_picco_di_cloudventure_TX486N502_bianco_foglia.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 297862
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/uomini/scarpe/altri/On_Running_uomini_cloudneo_TX486N492_non_tinto.png

196.196.208.190

405 kB

URL
www.onrunningitalia.net/images/uomini/scarpe/altri/On_Running_uomini_cloudneo_TX486N492_non_tinto.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
405 kB (404809 bytes)
Hash
c1a29de50a9dd6cdf4828319810550ea
bd86b7d6d68dcca0f6f0ce72f24b680fe73c6457
e7f3580c49f1e462970c0db43728107c77738bef4e0d1d608ff92eceeec5a9a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/uomini/scarpe/altri/On_Running_uomini_cloudneo_TX486N492_non_tinto.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 404809
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N357_surf_ciottoli.png

196.196.208.190

548 kB

URL
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N357_surf_ciottoli.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
548 kB (548189 bytes)
Hash
1366fb0328d8c38c8e955c06428337d5
115c77061ce16d2b47bc2be2d5e7483e4dad979f
29989744465e498dc4bef3c4d3a64e957b0db78a592d651c46cce34b53cadaa0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N357_surf_ciottoli.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 548189
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N355_alghe_ombra.png

196.196.208.190

539 kB

URL
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N355_alghe_ombra.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
539 kB (538774 bytes)
Hash
152d2b16e7a8c83a5df606abc87b634e
7e2c80e60d74421e4d5ed6290dab05a8f5699a72
5acacfaeacd755c095a5ace75c7b079d53ea89641966273d5cfa2b8ac85ffbe8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_TX486N355_alghe_ombra.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 538774
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/cloudventure/On_Running_donne_picco_di_cloudventure_TX486N504_bianco_nero.png

196.196.208.190

200 OK

403 kB

URL GET HTTP/2
www.onrunningitalia.net/images/donne/scarpe/cloudventure/On_Running_donne_picco_di_cloudventure_TX486N504_bianco_nero.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
403 kB (403306 bytes)
Hash
a0d10c6aa9b0f802c0ab304d9cdc40fb
99527d8f7bb8ab740da08e48b247b1244d69c958
e602b7115c2f26d1c7c9be3756b886c8fc56515861bf2a9ac39761822c2c4dc3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/cloudventure/On_Running_donne_picco_di_cloudventure_TX486N504_bianco_nero.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 403306
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_pronto_TX486N491_sabbia_mandorla.png

196.196.208.190

200 OK

414 kB

URL GET HTTP/2
www.onrunningitalia.net/images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_pronto_TX486N491_sabbia_mandorla.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
414 kB (414047 bytes)
Hash
882c12eb643213cc8706fbfadfdae02c
ec5bc436b03c4c84500bb48bb483a7d495a897d0
979cd56ed93c9b53bef4dc488ffe8968caf3f9f6910ccd19c3f82f966f7296a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/donne/scarpe/nuvola-5/On_Running_donne_nuvola_5_pronto_TX486N491_sabbia_mandorla.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 414047
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_media_ultraleggera_TX486N501_nero_bianco.png

196.196.208.190

200 OK

647 kB

URL GET HTTP/2
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_media_ultraleggera_TX486N501_nero_bianco.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
647 kB (646922 bytes)
Hash
b9cdc32d77db61850b507ae180eabb32
8e1bf12e728dddac8eadaaf5d7af429f5e70a788
26e940114127700df4c2b354c2dc3fcbf17211375dff678095a59970e9bac362

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalza_media_ultraleggera_TX486N501_nero_bianco.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 646922
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N496_bianco_rosso.png

196.196.208.190

675 kB

URL
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N496_bianco_rosso.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
675 kB (675369 bytes)
Hash
26810d5ed52ac89a978d7403ebf276b0
91e12883278759378b52582c27de7f6cba1355dc
f17cdd9e393f6d1fd367d5a5571981e9c3b2cd8a420b3649565cc7301f96115c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalza_da_tennis_TX486N496_bianco_rosso.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 675369
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N495_bianco_indaco.png

196.196.208.190

200 OK

705 kB

URL GET HTTP/2
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N495_bianco_indaco.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
705 kB (704976 bytes)
Hash
33661baad84fcf34e270553c7b300646
e1b69f6c52097f28a5dcde613c166ea2f046f9a9
c5241ef078bcbf85a757e4983180c840799a04a44620501f12a98627a5c2213d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalza_da_tennis_TX486N495_bianco_indaco.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 704976
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N494_nero_indaco.png

196.196.208.190

743 kB

URL
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N494_nero_indaco.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
743 kB (743099 bytes)
Hash
069f45dbc7155790595b992edafbe972
097c0361db11dab01e6ac96b3f6c41d047870c55
a85bd177a9e8e0f2392377cf95c13c56cab87dfc84aa4f2ce3b7180787656400

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalza_da_tennis_TX486N494_nero_indaco.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 743099
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N497_bianco_senape.png

196.196.208.190

690 kB

URL
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_da_tennis_TX486N497_bianco_senape.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
690 kB (689469 bytes)
Hash
4ee9772cdc089ba40628b7f21e35def7
5f6428477fcab32de0bde527f5a8cbe9a7612db1
d466a9b940d038fd00ebda9301ae3621b49b510531034883066542040739ff92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalza_da_tennis_TX486N497_bianco_senape.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 689469
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalzino_basso_ultraleggero_TX486N498_bianco_nero.png

196.196.208.190

748 kB

URL
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalzino_basso_ultraleggero_TX486N498_bianco_nero.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
748 kB (748357 bytes)
Hash
0f8a7d38c43c80d2afb986fd5ef1afc1
f6dc8c070f57af88e334dd356874cebdae541bf9
9df1067d6f52c4ed0efb7a01440b063fbcd14d85e94bd7f6e9e8ed91d6cadd95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalzino_basso_ultraleggero_TX486N498_bianco_nero.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 748357
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/roger.webp

196.196.208.190

200 OK

314 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/roger.webp
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
314 kB (314165 bytes)
Hash
08e608aeb3508d2e195accb8d20ea613
2b6dda0bbe850dffd8d426e21c5beaa28813a812
20a04962c3f16b0ac1847690028c0bc8f613925757406dc6e98928e7684877ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/on-running/roger.webp HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: image/webp
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/5903d7df45e190c241641d2c18d516bd.jpg

196.196.208.190

979 kB

URL
www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/5903d7df45e190c241641d2c18d516bd.jpg
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3840x2160, components 3
Size
979 kB (979075 bytes)
Hash
c79735172e43371f6d6856f9d1e91fd3
50896d154b6630ae5d0e8e2e4f4236074200cbcb
bdf3768bbacccb454777568d241c06d1814dc3f3db8167923d892739faa7024f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/on-running/5903d7df45e190c241641d2c18d516bd.jpg HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 979075
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 13:30:29 GMT
content-type: image/jpeg
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalzino_basso_ultraleggero_TX486N499_nero_bianco.png

196.196.208.190

801 kB

URL
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalzino_basso_ultraleggero_TX486N499_nero_bianco.png
IP
196.196.208.190:0
ASN
#58065 Orion Network Limited

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
801 kB (801027 bytes)
Hash
1581231711420d7407a89c5ce6985afe
f3126c10d1aa681ac21eb21cfa1af89b3b3252ad
449f2ea293dfa9917cd711293ae55156bd274a4cdb6d1148cb907e804f30ec19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalzino_basso_ultraleggero_TX486N499_nero_bianco.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 801027
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_media_ultraleggera_TX486N500_bianco_nero.png

196.196.208.190

200 OK

924 kB

URL GET HTTP/2
www.onrunningitalia.net/images/accessori/calzini/On_Runningcalza_media_ultraleggera_TX486N500_bianco_nero.png
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 878 x 878, 8-bit/color RGBA, non-interlaced
Size
924 kB (924250 bytes)
Hash
c32622c3de96f98f6be10d6ed3667559
c5113b2d174234a26cf1ba9e0ad9d759bed92f11
4f96a5acd8b928a6a6665ccf708879fadcc819ed908e9fa2b5c198c3aa0abbd2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/accessori/calzini/On_Runningcalza_media_ultraleggera_TX486N500_bianco_nero.png HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 924250
cache-control: max-age=864000, public, must-revalidate
content-type: image/png
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

8.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
8.4 kB (8441 bytes)
Hash
3701bbdc592e333d18d61893a37ed3a7
2c9592e43c16ede684b10c7889e83b9a86cdf7b2
e8779dc3f5599613bf474d2d41bcdcd89f259f686521330a0edc77f10c4bf114

HTTP Headers

GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap

142.250.74.106

8.7 kB

URL
fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
8.7 kB (8655 bytes)
Hash
0992b8612d44f088aa783ad8ca8f9c07
b46a9c64d2b63bc5fdfcdab7983bdd7ab716fd28
8dd8704453f34db0e0e5ef7871ca86f02470a910a83400f348ece4ec5d2b55f5

HTTP Headers

GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Staatliches&display=swap

142.250.74.106

843 B

URL
fonts.googleapis.com/css2?family=Staatliches&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
843 B (843 bytes)
Hash
ec44bd60ad91af5c4bb7780d5d341be0
3b6c6fef1cc82c7442437609449cb6ddaad40a36
eb196fa1de79cdbf6b1fdf5d426db243cb27d6c19039faf7c8cb22eec6c25528

HTTP Headers

GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:04 GMT
date: Thu, 18 Apr 2024 13:30:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap

142.250.74.106

8.3 kB

URL
fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
8.3 kB (8261 bytes)
Hash
9615bc5cc85f907d5011415676cb8e5b
6e7606a0f31aed6edc3d746a67c40e98e39f4e15
6438a8491cf10d04598126d0357cc2f73e84e804d66b5c4709b11b3186117ac8

HTTP Headers

GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

8.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
8.4 kB (8391 bytes)
Hash
f1bbfcfc8e1a256b6d8e65c906b8e8a9
b0771f1ee9392844977c3be7c9690bd666174167
f1ea5d7d585215d6d6b2f2cb05863547a7b03f1cf3f67688d3c39db655a4617a

HTTP Headers

GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/favicon.ico

196.196.208.190

200 OK

624 B

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/images/favicon.ico
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Size
624 B (624 bytes)
Hash
c7424ae8ebc03dc047130433fcfe83c3
2cb82c27477d8e4fda31859063e0b94852cd93c4
ec7033e8c33b5e4b5d056f45f82e5820797a14b263af9a8b5dcd54a09c2ae94d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/favicon.ico HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 19 Apr 2024 13:30:31 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 624
content-type: image/x-icon
date: Thu, 18 Apr 2024 13:30:31 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/fonts/annimex-icons.ttf?teavmy

196.196.208.190

200 OK

141 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/fonts/annimex-icons.ttf?teavmy
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons
Size
141 kB (140608 bytes)
Hash
7d3c0284348a1f07b4cd6ff41354551b
6ff4eb286a7b3c980866382a40dd9279c99cb9cd
924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/includes/templates/onrunningitalia/css/style_plugins.css
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 13:35:30 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/x-font-ttf
date: Thu, 18 Apr 2024 13:30:30 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_plugins.js

196.196.208.190

200 OK

273 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/jscript/jscript_plugins.js
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type

Size
273 kB (273266 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/jscript/jscript_plugins.js HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 17 Oct 2023 18:55:26 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/javascript
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/2289ba376df41159a8e04bf890dbdca3.webp

196.196.208.190

200 OK

316 kB

URL GET HTTP/2
www.onrunningitalia.net/includes/templates/onrunningitalia/images/on-running/2289ba376df41159a8e04bf890dbdca3.webp
IP
196.196.208.190:443
ASN
#58065 Orion Network Limited

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerZeroSSL
Subjectonrunningitalia.net
FingerprintCB:79:26:2B:3D:0A:BB:57:D3:65:7C:44:B0:83:1C:F2:71:DF:BB:20
ValidityMon, 18 Mar 2024 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
316 kB (316304 bytes)
Hash
279300d3f0b5da1edde4c3fb89a8e29d
c53c3f0e35d0ff0c6ff26d40bf1ca952cf2174ab
986e1b4b87b1d63aae17070744533079edfe3a7929a3f60b1f1f567a3bd3a586

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/onrunningitalia/images/on-running/2289ba376df41159a8e04bf890dbdca3.webp HTTP/1.1
Host: www.onrunningitalia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Cookie: zenid=1h2407ur01j9j6unpchlb3u5uc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 13:35:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: image/webp
date: Thu, 18 Apr 2024 13:30:29 GMT
server: Apache/2
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

6.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (6448), with no line terminators
Size
6.3 kB (6304 bytes)
Hash
5597ed8188a3994391b999f6caf0d0ec
a647507c2dfaa80293672a339035e11335a7509b
40f0d46e2291b1365735633e70f2aac322fb4741fa001a7e8485692d660bb740

HTTP Headers

GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap

142.250.74.106

200 OK

2.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (2424), with no line terminators
Size
2.4 kB (2370 bytes)
Hash
4c11106146294a0f2e0f9a7cd792e1d2
53f4815a87a769d098f64ad9dfafc157f7d572d1
66f67ff9a9b48f878ba4db2df85dcb68e5640e189ecc19cb7a4a8604b7412e94

HTTP Headers

GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:04 GMT
date: Thu, 18 Apr 2024 13:30:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap

142.250.74.106

200 OK

2.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (2605), with no line terminators
Size
2.6 kB (2551 bytes)
Hash
d7e91faccd8b5b75c6794babc60413e9
490a3fe1bc93ea7dd9cff81c80eca5ea6cad68b3
8d4ecadfe561b26cf0addd9f7e39055b19844488449e0091a936a77fdff727d9

HTTP Headers

GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
11 kB (10980 bytes)
Hash
0f3106ce705bbf98161187fc94d15542
99688690db95c115bbc142ac516d7aa8d8bfade8
376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.onrunningitalia.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:30:18 GMT
expires: Wed, 16 Apr 2025 00:30:18 GMT
cache-control: public, max-age=31536000
age: 219587
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap

142.250.74.106

200 OK

2.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (2310), with no line terminators
Size
2.3 kB (2256 bytes)
Hash
5cf712cf2b0969e17db3030c359175fe
a6bd8bc94377508e45d8b0708c67057efd7ec40d
2590d0359a53a2ba40a5f4074121465e36893f365cf2a67f7c803249cbad479e

HTTP Headers

GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:03 GMT
date: Thu, 18 Apr 2024 13:30:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

142.250.74.106

200 OK

7.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onrunningitalia.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (7812), with no line terminators
Size
7.6 kB (7623 bytes)
Hash
ea047ba198aaa7637f27cf64c74fa8be
52329f1f70a60957c92db2a590bb97b25796dc19
11a942088d049579ba79db59d72e631d2e26f1fc2b12ee0dba2e2e3ff65d2477

HTTP Headers

GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onrunningitalia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 13:30:04 GMT
date: Thu, 18 Apr 2024 13:30:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (55)

URL

IP

ASN

File type

Size

Hash

Detections