Report - itcgalilei.it/AR/22.zip

Report Overview

Submitted URL
itcgalilei.it/AR/22.zip
IP
104.248.126.219
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-09-09 09:08:52
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
www.offerteperte.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	38 kB	178.255.74.135
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	110 kB	142.250.74.10
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	1.7 kB	216.58.211.10
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	68 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	47 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
analytics.host4me.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	21 kB	142.93.105.130
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.61.95
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	3.5 kB	104.17.24.14
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
itcgalilei.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	637 B	104.248.126.219
www.itcgalilei.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	105 kB	104.248.126.219
frmzn.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	543 B	978 B	178.255.74.101
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	6.2 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	itcgalilei.it/AR/22.zip	Malware
2022-09-09	medium	www.itcgalilei.it/AR/22.zip	Malware
2022-09-09	medium	www.itcgalilei.it/AR/22.zip	Malware
2022-09-09	medium	www.itcgalilei.it/js/blockscroll.js	Malware
2022-09-09	medium	www.itcgalilei.it/stili/salsiccia/js/smoothScroll.js	Malware
2022-09-09	medium	www.itcgalilei.it/js/cerca.js	Malware
2022-09-09	medium	www.itcgalilei.it/stili/salsiccia/js/nav.js	Malware
2022-09-09	medium	www.itcgalilei.it/stili/salsiccia/img/logo.svg	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1080 bytes)
Hash
230199f3271ca232ce11c85432b2b031
b3fd7fee9ec72e4662ff194e5d9c28837f903601
0efa9fb3e8891a412f010422cc9d3db5e8127f51add000ba7c81920db2221f7a

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.itcgalilei.it/js/blockscroll.js	537 B	2023-03-07	2023-03-07
Pretty URL www.itcgalilei.it/js/blockscroll.js IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-03-07 14:06:07 Times Seen1 Hash 42524d077921e72a7a814a76d4f5e176 6e4921ba8aa16efc0ae9e0108375b315e94ef94c 05b7d63479c944707100e414b67bd7394f5093b7f7555da2cbe5bdcb0355a58e Loading...

	www.itcgalilei.it/AR/22.zip	536 B	2023-03-07	2023-03-07
Pretty URL www.itcgalilei.it/AR/22.zip IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-03-07 14:06:07 Times Seen1 Hash c0fe806823c38e4d0241763b42a31292 869098ef1726e91145b5d03a2ffc38410ab2c2ce 5d38159559683b967a288c0e809c7a8e62f11e2128999cc31fb5a4a6c978b794 Loading...

	cdnjs.cloudflare.com/ajax/libs/pikaday/1.6.1/pikaday.min.js	16 kB	2023-03-07	2023-12-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/pikaday/1.6.1/pikaday.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-14 15:26:12 Times Seen11 Hash 039feef26d52ebc5f1260a47208bfa38 054faeb5ae836bc8f670124bff3b7039232c481e 9f3bc6ce21bde3cc901cf585242ca70f502634f0706166369d56586830a9ab81 Loading...

	www.offerteperte.net/js/richiesta.js	7.1 kB	2023-03-07	2023-12-14
Pretty URL www.offerteperte.net/js/richiesta.js IP 178.255.74.135 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-14 15:26:12 Times Seen9 Hash b070d3a8a38d606d8c4e5c53974e3f1e 9ed08565c8669c539bed39d5847c96a47810ffd6 c2fabaa0177fee68f191d7c5df162be0d3ae59367f70a75de08deaec2f4fc43c Loading...

	www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato	789 B	2023-03-07	2023-12-14
Pretty URL www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato IP 178.255.74.135 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-14 15:26:12 Times Seen4 Hash a521115064f10d98260aab75b85cf07b dba246e78dfcfcad92cfa00a30184ad28bf02988 7b2ccdde2b92a5f6725c61a113db9dafc9b8d226be2f878eb2a1d0e9b0d4e9b3 Loading...

	www.itcgalilei.it/AR/22.zip	547 B	2023-03-07	2023-03-07
Pretty URL www.itcgalilei.it/AR/22.zip IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-03-07 14:06:07 Times Seen1 Hash 004b0fde22197e692b40c12dc0afe629 0cee78d6bc1e57acb073d4d560a7525d10584367 88c4b0916e8181d4d547f7ff253e415a266620bade99442a3ffc954c395dacd7 Loading...

	www.itcgalilei.it/AR/22.zip	777 B	2023-03-07	2023-03-07
Pretty URL www.itcgalilei.it/AR/22.zip IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-03-07 14:06:07 Times Seen1 Hash cc076a5c8fceafbf73bb2914e084aeb8 1c68d4d95923c7dc4bda588a37c74efc062d05a7 a61780e6ffcf4fe4bd963d026df595ee463b9c2c25f89d03e4c76c7e3999af6f Loading...

	www.itcgalilei.it/stili/salsiccia/js/nav.js	1.4 kB	2023-03-07	2023-03-07
Pretty URL www.itcgalilei.it/stili/salsiccia/js/nav.js IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-03-07 14:06:07 Times Seen1 Hash 40271e354ebeccbbb278058fb629a7f3 15dff4c06c97173d34777531f45e9b4f91c3fe9e a3f1a9b6156f947f99af669b993c7ae6da889b9b243455ad02cf737e290cc0aa Loading...

	analytics.host4me.top/matomo.js	64 kB	2023-03-07	2024-04-16
Pretty URL analytics.host4me.top/matomo.js IP 142.93.105.130 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-16 17:58:34 Times Seen260 Hash 6c8a6050183822af4752b2889d9afb30 ccb7393a57b419c52caa18e5a482c32f852a8ef3 5951438dd533bfc072aa250205ad3d618ac9add4b8f609a68d4608c7d3282434 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 07:35:47 Times Seen37086272 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 07:35:43 Times Seen106277 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdnjs.cloudflare.com/ajax/libs/smooth-scroll/15.2.1/smooth-scroll.polyfills.min.js	6.4 kB	2023-03-07	2023-12-28
Pretty URL cdnjs.cloudflare.com/ajax/libs/smooth-scroll/15.2.1/smooth-scroll.polyfills.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-28 08:26:37 Times Seen22 Hash 4218e1b719f341a7eba84a957019f9f1 b1a077377868c8f41e68a16a76ad8eed065f2c89 1512662ffdb56b269ac9f0abfade75b58bf197915fb00475e27d1ed8357f7174 Loading...

	www.itcgalilei.it/stili/salsiccia/js/smoothScroll.js	1.2 kB	2023-03-07	2023-12-02
Pretty URL www.itcgalilei.it/stili/salsiccia/js/smoothScroll.js IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-02 13:29:58 Times Seen5 Hash 001c17588c221b5f8764d6b4253a2715 ef846276edf361c110bb37a70984a92105d442d6 37e4c52218bbbce1dbde833c4eaf0d374aa6017c3ca741a572a768435c7b4592 Loading...

	www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato	789 B	2023-03-07	2023-12-14
Pretty URL www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato IP 178.255.74.135 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-14 15:26:12 Times Seen4 Hash 9e5a53acd9f544ae3942535a34cb10fe bbf0528554006ac280a561192f2a09e0bca4b0b4 d675c1ddf50fc2bf44b68bad0b54f0a5e277b52d1c44f48ecbba07bd9590b8b5 Loading...

	www.itcgalilei.it/js/cerca.js	699 B	2023-03-07	2023-12-02
Pretty URL www.itcgalilei.it/js/cerca.js IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-02 13:29:58 Times Seen5 Hash ecd592bae5b2f5f43fef93f8cc29b4f9 431dba472ad2dcaee57bf7e2e4b328e81b024a00 67eb6c6a9661eb26ea2d36c82e2b8347d06813eb83755a4dde52746b897e8991 Loading...

	www.itcgalilei.it/AR/22.zip	494 B	2023-03-07	2023-03-07
Pretty URL www.itcgalilei.it/AR/22.zip IP 104.248.126.219 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-03-07 14:06:07 Times Seen1 Hash 271c1a310dd016144cb36461bb7a19f8 c11caa76a4f93f7dd95830f18506416926bc7bc0 84286a683e2966c2295196f0212199a586394308ecf65e8cf3b559a00037cdc9 Loading...

	cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js	52 kB	2023-03-07	2024-01-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2024-01-29 23:12:41 Times Seen27 Hash fb1d9a5b3984866233be3647c8a56d7b e4b00769826aa4e4810c57edd39ba38895cb5232 0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a Loading...

	www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato	648 B	2023-03-07	2023-03-13
Pretty URL www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato IP 178.255.74.135 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-03-13 20:38:54 Times Seen1 Hash 40cf49b614060f40a2e37f72893e2d9c cf5dc61d1e4db98e320ac48b450c6401f6511146 ee4f47e4a4b2198b56613ff45745921ed5e62d0cdda2942cd2fd8be3264561e5 Loading...

HTTP Transactions (56)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13249
Expires: Fri, 09 Sep 2022 12:49:30 GMT
Date: Fri, 09 Sep 2022 09:08:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 09:05:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Jk6iBwLMKZ4Cz91hkuOyh7VUUhYbt0YI9AraRjdGW6YXXncjBPIBvQ==
Age: 176

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0Na5Oaf3oVGjbEevpRiaZu7hVpgDQm4UzXOPhHa3EZS-Zisr7lMZ0A==
age: 19327
X-Firefox-Spdy: h2

itcgalilei.it/AR/22.zip

104.248.126.219

301 Moved Permanently

285 B

URL HTTP/1.1
itcgalilei.it/AR/22.zip
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
285 B (285 bytes)
Hash
9069aad483f82e8eaef4c0339866c575
b7c5eca48df27d67fe37d1a5e65ec39b70d7a1bc
11809459ae285dd0afc8d37b742c51fcabb24d27dbbfb9d8cd2f43dd6542f25b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /AR/22.zip HTTP/1.1
Host: itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 09:08:48 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Location: http://www.itcgalilei.it/AR/22.zip
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 285
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:08:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.itcgalilei.it/AR/22.zip

104.248.126.219

301 Moved Permanently

285 B

URL HTTP/1.1
www.itcgalilei.it/AR/22.zip
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
285 B (285 bytes)
Hash
9b39d1eaff7132a2d78425f7270de5b2
9f66592325e376a234fd04675ebe5b661fd34b07
1415f56b3c593b768675e4f5119af72820ed4feb0f80916b5e7a030d74fbf60d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /AR/22.zip HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 09:08:49 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Location: https://www.itcgalilei.it/AR/22.zip
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 285
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 08:56:07 GMT
Expires: Fri, 09 Sep 2022 09:33:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: knf-x_F1i-rkfO93KadOXxPMQ65OOoMMa1vsYaViKBaU28eLxVU8vQ==
Age: 755

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:42 GMT
Last-Modified: Fri, 09 Sep 2022 07:59:20 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0eac8df45899f505ef2a51604ef5963
6d409f71f508ba2ba82eb97268b33536fd0449d7
dc8f3017ab5d6e269fe07265523256d19d6cff252d27c944c96578f55a88b68d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC8F3017AB5D6E269FE07265523256D19D6CFF252D27C944C96578F55A88B68D"
Last-Modified: Wed, 07 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Fri, 09 Sep 2022 15:08:22 GMT
Date: Fri, 09 Sep 2022 09:08:42 GMT
Connection: keep-alive

push.services.mozilla.com/

52.43.61.95

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.61.95:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6iNSRk7qxGBGqtHgw7wR8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1+YOWEfJkCbIkA1MEt32Z0mNfD0=

www.itcgalilei.it/AR/22.zip

104.248.126.219

404 Not Found

3.5 kB

URL HTTP/1.0
www.itcgalilei.it/AR/22.zip
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (530)
Size
3.5 kB (3483 bytes)
Hash
6c8ed89dcbd937e74f16f396f19bcdb9
375c340903055a08dbfa19add3e2f59afc54ad29
7124a2c67f4afde22332288450057b60e7ce476b3be4d986feabcf8159f32ec5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /AR/22.zip HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.0 404 Not Found
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
X-Powered-By: PHP/5.4.13
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3483
Connection: close
Content-Type: text/html; charset=utf-8

cdnjs.cloudflare.com/ajax/libs/smooth-scroll/15.2.1/smooth-scroll.polyfills.min.js

104.17.24.14

200 OK

2.3 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/smooth-scroll/15.2.1/smooth-scroll.polyfills.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6328)
Size
2.3 kB (2334 bytes)
Hash
90d1bafee3d16e1b2f6520e50dd91d34
a2ea857663c1c5063a04861d840a9257e71f7707
c4805eac74776060b273e3379799a84002d42cc29dc8957e5c61b78273cee9cc

HTTP Headers

GET /ajax/libs/smooth-scroll/15.2.1/smooth-scroll.polyfills.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Sep 2022 09:08:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 2334
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-192d"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 995926
expires: Wed, 30 Aug 2023 09:08:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXuTfa%2FoSVwVv0kk7HYPKPxc8ks%2FSeotMBaU%2F5mHJ4%2FhSBljJvgi4qfJFa0fD7JdLzzgMKGCjNxVGTTD4uX8E8DBox%2FyrZYyQlLmI7BzhRNrLDK460h2d8Qt7d%2FBRQZROkBeikp9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 747ec7e8afceb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0452e8f5d94ecef0089203ab9a7983b1
5829a26d9747d009161b3bdec2490479d1d9f7fe
a818a393c9dd1393e3eb2e1403ec41d55f3296cf853a40c586c07f195e2c7674

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap

216.58.211.10

200 OK

977 B

URL HTTP/2
fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
977 B (977 bytes)
Hash
9284047b05b0bd0607c8961ab7e2617e
e90f07587d59e4bfea320f960f2920dead57e772
71903139a5d23c99fda2f7910ce1fe72ac8fb47c080917b00dbef7f3171ab6db

HTTP Headers

GET /css2?family=Rubik:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 09:08:43 GMT
date: Fri, 09 Sep 2022 09:08:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.itcgalilei.it/stili/locali/stile-pannello.css

104.248.126.219

200 OK

335 B

URL HTTP/1.1
www.itcgalilei.it/stili/locali/stile-pannello.css
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
335 B (335 bytes)
Hash
4901f2628cd9a0e9e982b5b785425222
04b5daaefd22f51d47715ca6c38942a80f140bdb
4207f115696879ff45a7c2a53824a711591e4d622a7b097ef03dc14063072d2e

HTTP Headers

GET /stili/locali/stile-pannello.css HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:44:10 GMT
ETag: "4be18b7-2ee-5be6f0cdcd680"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 335
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css

www.itcgalilei.it/stili/salsiccia/css/themes/yellow.css

104.248.126.219

200 OK

6.1 kB

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/css/themes/yellow.css
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (37910)
Size
6.1 kB (6149 bytes)
Hash
e9c801416a3aec5d6d6377e279446b01
ecf2c5e400b3a4c0b8398aebb72aaaaa56b7c286
f7093ed74c1a984a203054ad4ad6db872c70dd910a40f96315a740e10e481e66

HTTP Headers

GET /stili/salsiccia/css/themes/yellow.css HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 01 Jul 2022 08:23:21 GMT
ETag: "4c00336-9417-5e2ba19622490"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6149
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css

www.itcgalilei.it/stili/salsiccia/css/fascione/themes/yellow.css

104.248.126.219

200 OK

176 B

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/css/fascione/themes/yellow.css
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (377)
Size
176 B (176 bytes)
Hash
a5da4af3c5405fc579b1479658245fd5
bc283225b8df8097599d0dd37c712e7f755bcb07
25ce56f6dffe5525852a99aee064387f452525cf9aaa696817fa17bcf5dca5d5

HTTP Headers

GET /stili/salsiccia/css/fascione/themes/yellow.css HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:44:36 GMT
ETag: "4c0032b-17a-5be6f0e699100"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 176
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css

www.itcgalilei.it/js/blockscroll.js

104.248.126.219

200 OK

218 B

URL HTTP/1.1
www.itcgalilei.it/js/blockscroll.js
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
218 B (218 bytes)
Hash
953548c552d34bfadce505cfc43cb96c
cf46a2c7aef768f2697f68b263216528b1d94674
b264f22a76a50dd1559220e359ba00a94416a03b8db75e8a2f26f43ce7b7236a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/blockscroll.js HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:43:41 GMT
ETag: "4be11d4-219-5be6f0b225540"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 218
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript

www.itcgalilei.it/stili/salsiccia/css/fascione/creativita/scuole-serali/scuole-serali.css

104.248.126.219

200 OK

1.6 kB

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/css/fascione/creativita/scuole-serali/scuole-serali.css
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (9430)
Size
1.6 kB (1628 bytes)
Hash
8e5428b0cd6f81f8061eb8cce8453123
98a878eb76db583c76ef65489b66a0f8435b4d0d
c086f422f108c79e4b54f6c2fe9c233db2af09b26cde05d35ea57e88eeccef9a

HTTP Headers

GET /stili/salsiccia/css/fascione/creativita/scuole-serali/scuole-serali.css HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:44:36 GMT
ETag: "4c0031a-24d7-5be6f0e699100"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1628
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css

www.itcgalilei.it/stili/salsiccia/css/fascione/creativita/scuole-serali/modal-form.css

104.248.126.219

200 OK

1.1 kB

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/css/fascione/creativita/scuole-serali/modal-form.css
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (5251)
Size
1.1 kB (1145 bytes)
Hash
b7ae957d2aa494be5bd5b05d43f0318c
5760da2a61a951f44c624ca83aba0240ada6056d
218a7ce42d187cf190ee95fa0cbea129d167bfd3373a865a0aca5478c35b5e36

HTTP Headers

GET /stili/salsiccia/css/fascione/creativita/scuole-serali/modal-form.css HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:44:36 GMT
ETag: "4c00318-1484-5be6f0e699100"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1145
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

142.250.74.163

200 OK

34 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size
34 kB (33580 bytes)
Hash
848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

HTTP Headers

GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itcgalilei.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:08:19 GMT
expires: Tue, 05 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 302424
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.itcgalilei.it/stili/salsiccia/js/smoothScroll.js

104.248.126.219

200 OK

423 B

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/js/smoothScroll.js
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
423 B (423 bytes)
Hash
6e71db2264858119b2b93683259e5071
0883d0a180e07d9cd7552e7d6159e592512d4019
ac13a5ecff8aa829db7bd8224b00f92e381207849f76a979594521621bb8ff95

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stili/salsiccia/js/smoothScroll.js HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:44:39 GMT
ETag: "4c003e8-4b5-5be6f0e9757c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 423
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript

www.itcgalilei.it/js/cerca.js

104.248.126.219

200 OK

197 B

URL HTTP/1.1
www.itcgalilei.it/js/cerca.js
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
197 B (197 bytes)
Hash
cec3239537aa0deacdcccade5ab102ce
1b620f08132fb5670744ffb8cd1eee2c38ac088d
77f16ec539501647ab542522d14cf598fcce6d9e379fb5a7c2093e8dfb457093

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/cerca.js HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:43:41 GMT
ETag: "4be11d5-2bb-5be6f0b225540"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 197
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript

www.itcgalilei.it/stili/salsiccia/js/nav.js

104.248.126.219

200 OK

388 B

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/js/nav.js
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
388 B (388 bytes)
Hash
c8dc08d6101cc97e390ec1464e393e5b
8663339376e9a7701690c3f748c081d49e1669c4
f19fdeec59475b2848a470c82e3e1264abbe6403079e2d78e09e69a26d4117a8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stili/salsiccia/js/nav.js HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:44:39 GMT
ETag: "4c003e7-581-5be6f0e9757c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 388
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16010
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 09:08:43 GMT
Connection: keep-alive

www.itcgalilei.it/stili/salsiccia/img/logo.svg

104.248.126.219

200 OK

6.6 kB

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/img/logo.svg
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6623), with no line terminators
Size
6.6 kB (6623 bytes)
Hash
0eb609536d3df99162125c43dce36ab4
65f86fde29336bb735009eb780f982b60dca11bb
e6114b73c3df4fed3204a3038cdcb198063ca60e5cfbdccac555fd0a2038394e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stili/salsiccia/img/logo.svg HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Mon, 25 May 2020 15:15:52 GMT
ETag: "4c003e0-19df-5a67a745c9a00"
Accept-Ranges: bytes
Content-Length: 6623
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: image/svg+xml

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16010
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 09:08:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16010
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 09:08:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16010
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 09:08:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg

34.120.237.76

200 OK

3.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.1 kB (3125 bytes)
Hash
0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 16583
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4532 bytes)
Hash
a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 38531
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10950 bytes)
Hash
15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:04:02 GMT
age: 39881
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 40987
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9011 bytes)
Hash
ba8d1b764c2d18807caecb5ee1e046c0
c0e3d10ce67f77a92b54954410e30621af7ee87c
f558c4827c2edf896588b6e3f0b4f295269e95f86143b40729a7a2a5e1adbbb6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9011
x-amzn-requestid: cf861da4-5f3b-43b8-931a-5285839c6301
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHFbOoAMFYVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-4cf2e37f5e762a557b081446;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wqcl8zkszPZhWjJ7mr_p82IRaNzU2vMV3wtipUYgRaL7Vj3ntmYYqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:47:07 GMT
age: 40896
etag: "c0e3d10ce67f77a92b54954410e30621af7ee87c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4776 bytes)
Hash
ee9340025af774eed83fa3ae0ebb4b65
b868b62d5f2bc802c565d35ea59e200aaf6ab986
729127258be88fe97e4c777b08ba709900028c41a052b6868cab515e545e8c56

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4776
x-amzn-requestid: 49312697-395a-4058-8899-0203e69bf26b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDU5jHA_IAMFhkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63179b70-7b17771e456072e87327ff23;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 19:11:44 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -cYK4EezC3z14SwCy_1oIM5MuqfBtoiQAErl-h4t7sT1vajRvoBX1A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:06:24 GMT
age: 39739
etag: "b868b62d5f2bc802c565d35ea59e200aaf6ab986"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dccd7dd0a83d9a5a9e1e30fdc43d53f9
f79c8773754939a14690b0cf3cacbff42d3d4850
3649a92d59e7c830fe8206e396794febab801c51e9f6e2ddecc05fced751fce8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3649A92D59E7C830FE8206E396794FEBAB801C51E9F6E2DDECC05FCED751FCE8"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21515
Expires: Fri, 09 Sep 2022 15:07:18 GMT
Date: Fri, 09 Sep 2022 09:08:43 GMT
Connection: keep-alive

analytics.host4me.top/matomo.js

142.93.105.130

200 OK

21 kB

URL HTTP/2
analytics.host4me.top/matomo.js
IP
142.93.105.130:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (1601)
Size
21 kB (20899 bytes)
Hash
f684b3a9b78a713785623dbb7f7119a3
d3db28bffd74219b5b9fa073a067cb34d187f640
35cc9daafcb854764e0558587960061d49d084bc7f6b24738e4b0ab6926ef9c9

HTTP Headers

GET /matomo.js HTTP/1.1
Host: analytics.host4me.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:08:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 08 Jul 2022 12:04:49 GMT
vary: Accept-Encoding
etag: W/"62c81d61-faed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

frmzn.net/v2/click/cjdjlsb9zf34o8qm60n?dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato=

178.255.74.101

200 OK

20 B

URL HTTP/1.1
frmzn.net/v2/click/cjdjlsb9zf34o8qm60n?dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato=
IP
178.255.74.101:0
ASN
#20746 Telecom Italia

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /v2/click/cjdjlsb9zf34o8qm60n?dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato= HTTP/1.1
Host: frmzn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:49 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
X-Powered-By: PHP/5.4.13
Set-Cookie: tr[cjdjlsb9zf34o8qm60n]=1; expires=Fri, 09-Sep-2022 10:08:49 GMT; path=/; samesite=None; secure
track[5402]=cjdjlsb9zf34o8qm60nC70316217; expires=Sat, 10-Sep-2022 09:08:49 GMT; path=/; samesite=None; secure
track[0]=cjdjlsb9zf34o8qm60nC70316217; expires=Sat, 10-Sep-2022 09:08:49 GMT; path=/; samesite=None; secure
P3P: policyref="https://frmzn.net/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR NOR UNI COM NAV INT";
Refresh: 0; URL=https://www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato
Content-Encoding: gzip
Vary: Accept-Encoding
X-Robots-Tag: noindex
Content-Length: 20
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

www.itcgalilei.it/favicon.ico

104.248.126.219

404 Not Found

3.5 kB

URL HTTP/1.0
www.itcgalilei.it/favicon.ico
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (530)
Size
3.5 kB (3477 bytes)
Hash
b2f1acaeab688bb5084686a31c36359f
07375a1f7de57363eb6e30489ecd0cc37eca9875
03a581d4ae3809a9f81727ee46dab5480861714df23c1ad08445422601e68a33

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Cookie: _pk_id.1701.836a=9892c1e1abb5ae75.1662714515.; _pk_ses.1701.836a=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.0 404 Not Found
Date: Fri, 09 Sep 2022 09:08:51 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
X-Powered-By: PHP/5.4.13
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3477
Connection: close
Content-Type: text/html; charset=utf-8

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
31a433c25b18a20a9055fe7410dcbfb5
e1aa0d86317d3caa2c84f08b0e47f7b31c9e5469
97ace07dcd0cb3d15c445172c40f165176ab413f3a85b41b1d9d512b3aa7b61e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 00:06:14 GMT
Expires: Tue, 13 Sep 2022 00:06:13 GMT
Etag: "e1aa0d86317d3caa2c84f08b0e47f7b31c9e5469"
Cache-Control: max-age=312448,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747ec7f0be92b50c-OSL

www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato

178.255.74.135

200 OK

27 kB

URL HTTP/1.1
www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato
IP
178.255.74.135:0
ASN
#20746 Telecom Italia

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
27 kB (26726 bytes)
Hash
45e5593e9d93cc6d4f51bab1b35f711e
92d7a32e5d83a96c9ca1321715c0a9573ed2c49a
93563b648b7d7fd7eca8daadad1e0d76da47e1283dbe022aaeabe27d7adce107

HTTP Headers

GET /programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
X-Powered-By: PHP/5.4.13
Set-Cookie: PHPSESSID=83s541slf7e9nj1dcjgodspcm7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=2
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

www.offerteperte.net/stili/form-no-bootstrap/css/style-iframe.css

178.255.74.135

200 OK

2.5 kB

URL HTTP/1.1
www.offerteperte.net/stili/form-no-bootstrap/css/style-iframe.css
IP
178.255.74.135:0
ASN
#20746 Telecom Italia

File type
ASCII text, with very long lines (2467)
Size
2.5 kB (2468 bytes)
Hash
db8347984e0fd6ce835a7d065f4dd45d
49370b9df0f027c71c9c92207515deb55247be13
6626006dd12d013b8f7d47006e12e73aff43104295042fe694a50f369c174493

HTTP Headers

GET /stili/form-no-bootstrap/css/style-iframe.css HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Tue, 27 Apr 2021 08:05:45 GMT
ETag: "bd41a55-9a4-5c0efbaaa6840"
Accept-Ranges: bytes
Content-Length: 2468
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

1.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1080 bytes)
Hash
230199f3271ca232ce11c85432b2b031
b3fd7fee9ec72e4662ff194e5d9c28837f903601
0efa9fb3e8891a412f010422cc9d3db5e8127f51add000ba7c81920db2221f7a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css

142.250.74.10

200 OK

8.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2363)
Size
8.4 kB (8422 bytes)
Hash
2a62e39574e3f140d120ca586599550b
d87ef8f44bb7aab2c0558b3d48bf40c279b7ea53
023d5699a1e2cddeeee77f5536805f260577c74acafd9a29510f3ccfdfaf42c7

HTTP Headers

GET /ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8422
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 03:15:36 GMT
expires: Sat, 09 Sep 2023 03:15:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 21188
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

142.250.74.10

200 OK

68 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32073)
Size
68 kB (67948 bytes)
Hash
33411bb179575dfc40cc62c61899664f
d03c06d5893d632e1a7f826a6ffd9768ba885e11
274befc7b39609fed270e69335bc92b3d8251545594636eb408d5d93e0ae1a4f

HTTP Headers

GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 67948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 06:31:31 GMT
expires: Thu, 07 Sep 2023 06:31:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 182233
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.10

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 10:07:37 GMT
expires: Thu, 07 Sep 2023 10:07:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 169267
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.offerteperte.net/js/richiesta.js

178.255.74.135

200 OK

7.1 kB

URL HTTP/1.1
www.offerteperte.net/js/richiesta.js
IP
178.255.74.135:0
ASN
#20746 Telecom Italia

File type
Unicode text, UTF-8 text
Size
7.1 kB (7122 bytes)
Hash
b070d3a8a38d606d8c4e5c53974e3f1e
9ed08565c8669c539bed39d5847c96a47810ffd6
c2fabaa0177fee68f191d7c5df162be0d3ae59367f70a75de08deaec2f4fc43c

HTTP Headers

GET /js/richiesta.js HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/programma/diploma-cms-cta-cyan.htm?tl_track_code=cjdjlsb9zf34o8qm60nC70316217&dl_landing=https%3A%2F%2Fwww.itcgalilei.it%2FAR%2F22.zip&spostato
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:51 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Wed, 12 May 2021 09:02:13 GMT
ETag: "a2a0de9-1bd2-5c21e4439cf40"
Accept-Ranges: bytes
Content-Length: 7122
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.offerteperte.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 135276
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.offerteperte.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 135276
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.itcgalilei.it/stili/salsiccia/img/fascione/scuole-serali-4/b4.jpg

104.248.126.219

200 OK

75 kB

URL HTTP/1.1
www.itcgalilei.it/stili/salsiccia/img/fascione/scuole-serali-4/b4.jpg
IP
104.248.126.219:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 440x168, components 3\012- data
Size
75 kB (75219 bytes)
Hash
c44a4cd4e9ab9820757fce0ef1559110
de9dbd212fe3ca380118831d6dde434251f0f9c5
f8b8f57b36032f5479f6b6aa0cf5f3e035bd18685f6298d3ff8eab4fa7cce487

HTTP Headers

GET /stili/salsiccia/img/fascione/scuole-serali-4/b4.jpg HTTP/1.1
Host: www.itcgalilei.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itcgalilei.it/AR/22.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:08:50 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.2u DAV/2 PHP/5.4.13
Last-Modified: Fri, 26 Mar 2021 11:44:39 GMT
ETag: "4c003c9-125d3-5be6f0e9757c0"
Accept-Ranges: bytes
Content-Length: 75219
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: image/jpeg

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML