Report - ciampinobus.com/

Report Overview

Submitted URL
ciampinobus.com/
IP
185.136.89.218
ASN
#12338 Euskaltel S.A.
Submitted
2023-03-17 04:17:25
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T05:35:01Z	768 B	114 kB	142.250.74.168
www.ciampinobus.com	unknown	2022-06-27T02:28:50Z	2023-03-17T05:17:16Z	2.8 kB	2.5 kB	185.136.89.218
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-26T06:13:06Z	372 B	21 kB	142.250.74.110
ciampinobus.com	unknown	2020-07-13T17:42:01Z	2023-03-18T05:17:28Z	34 kB	1.8 MB	185.136.89.218
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-26T05:09:44Z	382 B	4.1 kB	104.17.24.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	3.1 kB	6.3 kB	142.250.74.131
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-25T18:16:23Z	423 B	3.3 kB	151.101.129.229
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	35.162.79.115
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T06:22:54Z	1.2 kB	3.8 kB	142.250.74.106
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.4 kB	6.2 kB	23.36.76.226
wsp28.hotjar.com	unknown	2023-03-04T00:58:11Z	2023-03-25T20:30:43Z	561 B	250 B	34.247.149.123
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-26T05:09:01Z	377 B	624 B	54.230.111.113
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	509 B	129 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	52 kB	34.120.237.76
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-26T05:09:02Z	384 B	69 kB	54.230.111.73
ocsp.e2m02.amazontrust.com	unknown	2022-12-07T11:11:00Z	2023-03-25T05:09:24Z	700 B	1.6 kB	54.230.80.227
in.hotjar.com	1746	2018-10-22T19:15:59Z	2023-03-25T05:09:24Z	484 B	438 B	52.50.121.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-17	medium	ciampinobus.com/	Phishing
2023-03-17	medium	www.ciampinobus.com/img/es.svg	Phishing
2023-03-17	medium	www.ciampinobus.com/img/gb.svg	Phishing
2023-03-17	medium	www.ciampinobus.com/img/fr.svg	Phishing
2023-03-17	medium	www.ciampinobus.com/img/it.svg	Phishing
2023-03-17	medium	www.ciampinobus.com/img/pt.svg	Phishing
2023-03-17	medium	www.ciampinobus.com/img/pl.svg	Phishing
2023-03-17	medium	ciampinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.7256e3ed81b9261a3dc2.js	Phishing
2023-03-17	medium	ciampinobus.com/js/app.js	Phishing
2023-03-17	medium	ciampinobus.com/js/components-JourneySelector.ef258e0744cfa3a99f29.js	Phishing
2023-03-17	medium	ciampinobus.com/img/gb.svg	Phishing
2023-03-17	medium	ciampinobus.com/img/it.svg	Phishing
2023-03-17	medium	ciampinobus.com/img/fr.svg	Phishing
2023-03-17	medium	ciampinobus.com/img/pt.svg	Phishing
2023-03-17	medium	ciampinobus.com/img/pl.svg	Phishing
2023-03-17	medium	ciampinobus.com/	Phishing
2023-03-17	medium	ciampinobus.com/img/es.svg	Phishing
2023-03-17	medium	ciampinobus.com/js/components-DIalogs-CovidDialog.dc8dc208881ad27eeae6.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js	15 kB	2023-03-07	2024-04-02
Pretty URL cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:05 Last Seen2024-04-02 10:02:58 Times Seen492 Hash c27796136c1e46aa9b34e4176ed84faa 7f239033b0794ff1f13bbe80a91f4a5d89e200cb dfdf43351c9f229588cb5655d0a984208b88439b011dd2eef4c06d547acdb6df Loading...

	ciampinobus.com/	209 B	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:53 Times Seen10 Hash e0913882578c06552a476e6f3fc40f09 688ab7f7790cbfe4e53961873c1884af33217961 1a7ff9d877694dd45a8bdf5080c7b3eb70ed61d37c696254a8e4663b67a2840a Loading...

	ciampinobus.com/js/components-JourneySelector.ef258e0744cfa3a99f29.js	15 kB	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/js/components-JourneySelector.ef258e0744cfa3a99f29.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:53 Times Seen12 Hash 93f39f8f6db9fbb4271be0121bbdec2d d12e72fc9e380466a819c8efddbae97731454a11 d24b80c472cb52f897e86dc4d7729cc4e3a44f8e7dd7c62b362cc483485c4844 Loading...

	ciampinobus.com/js/components-Pages-Home.e31345b47e9a1919098d.js	18 kB	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/js/components-Pages-Home.e31345b47e9a1919098d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:54 Times Seen11 Hash 97238c4a3486d27c40fa99dcadcf3eb4 daf8bc930b479d9461cd44f32179285d073ba2c9 20de5b3b649cc4433c1c79f1b575158f83dfdd13d461000b93a07f52053ada34 Loading...

	ciampinobus.com/js/components-DIalogs-CovidDialog.dc8dc208881ad27eeae6.js	2.0 kB	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/js/components-DIalogs-CovidDialog.dc8dc208881ad27eeae6.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:53 Times Seen11 Hash 59bef4fdab1f9659c023d2c0cea72bc0 a5d9fc0c7df86d74b62314b0bd0fd7130da28491 497c2d4bdc2e56106d000fdc95e3526d3f04cf2ba1742981e48816732578b3b7 Loading...

	cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1	7.3 kB	2023-03-12	2023-07-14
Pretty URL cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1 IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:37:18 Last Seen2023-07-14 15:10:45 Times Seen39 Hash 00dbe14b4e87593bc19e55843412ce0d 98ad5e5a485396eea615318dbb266bd51e7b7a0a bdbda0240aaadca3afbd4612f55738c91a04818c648e3417cad80c7163973a7c Loading...

	ciampinobus.com/	426 B	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:54 Times Seen8 Hash c35600d1bb67a28018b98fc960431268 5081b48f93fec20b5c737b203f2c37877e389a92 73a29de7a57b085cd3bf5e45a87372cc3b39e6a02e6b72ddf011e84bd24c24ec Loading...

	ciampinobus.com/	175 kB	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:54 Times Seen8 Hash acd11602969f29c0b4eee935af3634b0 0f3abb67f886a13eeda8ccb7cefc3ae0d6389145 c4379edfdcffb755a8f3e91ba2fceabaecf43857e5379e87e54ba7ee0fc3f534 Loading...

	ciampinobus.com/js/app.js	681 kB	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/js/app.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:54 Times Seen10 Hash 89a42de6584144c733153fe9c00de950 46cfe8ddedca493d335ad74966c315f00b3409bb ff9de50a6742da4f0df4f05343860f247f3ba07f0f534490d18fdfc7b274ce5a Loading...

	ciampinobus.com/	23 B	2023-03-07	2024-02-05
Pretty URL ciampinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:04 Last Seen2024-02-05 02:51:25 Times Seen70 Hash adf403a4228a8407a94b6ac8c0b57b04 feabe0997a64d7e4938da4a07fbb2bfe82f5ca91 34d24afc8783f61e232e360be2ecda77142049d7f41ecd46ee6701fc261c3606 Loading...

	static.hotjar.com/c/hotjar-1963488.js?sv=6	8.6 kB	2023-03-26	2023-03-26
Pretty URL static.hotjar.com/c/hotjar-1963488.js?sv=6 IP 54.230.111.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:56:45 Last Seen2023-03-26 07:56:45 Times Seen1 Hash bfae0e8a2898e51d946f1fa0078c3ce8 b98aed43549d7ce184c67c24dc1cf7534581abf4 0f7a549d8ee10832ff3c815d6265b1204b47207d1291ade0350f5c3b9ff43b96 Loading...

	www.googletagmanager.com/gtag/js?id=UA-101106124-2	115 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-101106124-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:56:45 Last Seen2023-03-26 07:56:45 Times Seen1 Hash 3cd6856e716874c33c975edc32bcd443 d8f599ef1fa89acd525e173c493f754834eb8fab 9509d3850f9f3b568ef8db3dab5de5bcd347ff1d8f4905500fcf39e2c7f3e226 Loading...

	www.googletagmanager.com/gtag/js?id=AW-879903643	189 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=AW-879903643 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:56:45 Last Seen2023-03-26 07:56:45 Times Seen1 Hash a639387055d46a15f7d836ecaf35fe79 ab0de38cae36a075f90791f5c381f1fb0a4cc5b6 99f6b4754196613e18c41f553d897d4785c1276033b404f1911697c5b2ee738e Loading...

	ciampinobus.com/	23 B	2023-03-07	2024-04-19
Pretty URL ciampinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:53 Last Seen2024-04-19 15:17:36 Times Seen194 Hash ff3dd897e61e0f42ae57c565f7d86034 be0d83af8b36cda1c21be1b94b39c75cb14cb428 3e0830fd22515bfd90b1394553b6fb0368f9b541b5b917a4c4deb4f0a91a872d Loading...

	ciampinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.7256e3ed81b9261a3dc2.js	93 kB	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.7256e3ed81b9261a3dc2.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:54 Times Seen14 Hash a3c7e8df906c80eee71745a6c1e98674 f19d3e15cefaacffa1d63ba42a92ed04af156aeb e5e4cd7f1b153096df334fe683258f37456a4e476aabdbfca1e645a6ac0da7a2 Loading...

	ciampinobus.com/js/components-Widgets-LanguagePicker.04197bea712bafb59a56.js	3.2 kB	2023-03-07	2024-01-07
Pretty URL ciampinobus.com/js/components-Widgets-LanguagePicker.04197bea712bafb59a56.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:54 Times Seen13 Hash 6c4957b688b40dcd8584b6628f52824f 6ae925dcef002b17ed0426d6344973fa0194ba72 0812b7050480d151c7449d30dfdfafb21e26f170131e9a7d7972c6a437877b6e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

HTTP Transactions (81)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1424d2734290cfd767b86da0ee0da3bc
875b1243bca41177411ac6af710d2bb96f45a0ac
70b5bb76774526a0cf131445ae2f8639085c3449812497df457f4bc78089917b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70B5BB76774526A0CF131445AE2F8639085C3449812497DF457F4BC78089917B"
Last-Modified: Wed, 15 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12571
Expires: Fri, 17 Mar 2023 07:46:45 GMT
Date: Fri, 17 Mar 2023 04:17:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
25389646a2daae58c728e01095973033
651619a503a0f21dd5a8135cce5240f51bae1ab5
8ecd890bd13e92a07acabbd187e71d59adc1f896b249ac1165444ea1f9e21bef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8ECD890BD13E92A07ACABBD187E71D59ADC1F896B249AC1165444EA1F9E21BEF"
Last-Modified: Tue, 14 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14136
Expires: Fri, 17 Mar 2023 08:12:50 GMT
Date: Fri, 17 Mar 2023 04:17:14 GMT
Connection: keep-alive

ciampinobus.com/

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/1.1
ciampinobus.com/
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 17 Mar 2023 04:17:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ciampinobus.com/

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 17 Mar 2023 03:26:41 GMT
content-type: application/json
age: 3033
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
003080c91d03081096b019a53f63a8e9
b3d742e037ae313261033338d05d8155f1bf7e6b
d64a58d2f2bca32cb33f6fb8581978238ffa9919a3b2ffb4ce056a57fb7c9917

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D64A58D2F2BCA32CB33F6FB8581978238FFA9919A3B2FFB4CE056A57FB7C9917"
Last-Modified: Wed, 15 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15480
Expires: Fri, 17 Mar 2023 08:35:14 GMT
Date: Fri, 17 Mar 2023 04:17:14 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GviUrAiPcMU6ZNhGmsGyW6fVtdU+JHePM5b1IcFFzNI80jY1oP0EVfyO2B8QllMol7ZoDar3Gad0/madtSaz/Q==
x-amz-request-id: 1GCF4EYXJYVAMGQP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 17 Mar 2023 03:23:28 GMT
age: 3226
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:14 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f720950c9e66b312476e3b9fabb8184e
ce81934a9fde52a22cdeaccebe50f1ae745d021b
3fbb39fb91cab4c2a3b29994db4dcb48f286d1773a4de1e9eaee10dc24d5f3a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FBB39FB91CAB4C2A3B29994DB4DCB48F286D1773A4DE1E9EAEE10DC24D5F3A9"
Last-Modified: Wed, 15 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 17 Mar 2023 10:17:14 GMT
Date: Fri, 17 Mar 2023 04:17:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 17 Mar 2023 04:14:32 GMT
age: 162
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4353e40dea39897876467013220ab1ad
ecdbe764620d0d760f9333ff2c30d0f7d9b5d9a8
f23a16dcfff2a742fcbd5fff52cb6edcb9485eea5e732574f3124371b21abfb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F23A16DCFFF2A742FCBD5FFF52CB6EDCB9485EEA5E732574F3124371B21ABFB3"
Last-Modified: Tue, 14 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Fri, 17 Mar 2023 05:04:25 GMT
Date: Fri, 17 Mar 2023 04:17:15 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js

104.17.24.14

200 OK

3.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.0 kB (2998 bytes)
Hash
e30f0c9c62a48fa192266bf8c5cb1eae
2bec3bc63d8c333bab464d1c110a24cebb58f9d4
218e8dbd3a5d9ba3eacdc9678e633601a97d6222bc494f3d8da6603eec3e9be2

HTTP Headers

GET /ajax/libs/wow/1.1.2/wow.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 2998
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04033-3b8a"
last-modified: Mon, 04 May 2020 16:17:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 24470281
expires: Wed, 06 Mar 2024 04:17:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ9WUzpTq%2FT6U309MX4XCEvga0%2FaYowcHPDoEQ6IBF1CNMpov76%2BKFjrI0N6AkE%2F5RYx%2Fx8MPOTe%2FafWipQgzEe0ZZUz1RJtsO4B8RLGAkpzES5rBx3pNxPi5H%2Fv1aqO0jhxrZWO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a926cd68b5e1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b8674f96ca43579ce968f4769e900fb
51d298ab96af7338da6e3f897e6d8e3379dd650c
46f546e150bf5a1a2b1fa1f5e63aa258f416518b71b9f2721ddf7513027650a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b8674f96ca43579ce968f4769e900fb
51d298ab96af7338da6e3f897e6d8e3379dd650c
46f546e150bf5a1a2b1fa1f5e63aa258f416518b71b9f2721ddf7513027650a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b8674f96ca43579ce968f4769e900fb
51d298ab96af7338da6e3f897e6d8e3379dd650c
46f546e150bf5a1a2b1fa1f5e63aa258f416518b71b9f2721ddf7513027650a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad9728e9366f067a73c2c8684981004b
e63ac04e96abd08afe02e4c81ccccf845e9a7963
1a5bf6c7e03e0d3dda9d76d17859f6c8dfccb1dccf4d69028b3b4f525d457947

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad9728e9366f067a73c2c8684981004b
e63ac04e96abd08afe02e4c81ccccf845e9a7963
1a5bf6c7e03e0d3dda9d76d17859f6c8dfccb1dccf4d69028b3b4f525d457947

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1

151.101.129.229

200 OK

2.5 kB

URL HTTP/2
cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7278), with no line terminators
Size
2.5 kB (2498 bytes)
Hash
8797fec88a0cdf11e611fe3a522bdda4
fdc5f5ed5035ce0db2438c1feaec40af673bd3b0
b3af1bc6b9971044612705cc7e2640cca368ac95609089941e61ec1d03a2854e

HTTP Headers

GET /npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.10.2
x-jsd-version-type: version
etag: W/"1c6e-mK1eWkhTlu6mFTGNuyZr1R57ego"
content-encoding: br
accept-ranges: bytes
date: Fri, 17 Mar 2023 04:17:15 GMT
age: 11848
x-served-by: cache-fra-eddf8230126-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2498
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.162.79.115

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.79.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 02UkOmFQytVrcZ9dkajmFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 44XzDyqVeHSMrgCB2iQAAlX/2zg=

fonts.googleapis.com/css?family=Poppins&display=swap

142.250.74.106

200 OK

1.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Poppins&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.9 kB (1866 bytes)
Hash
84112b2a9d896036feb9b9c17aa4183b
feeea611bae43117d0a413403a9554444fd7406e
3d9f9ee20628cc9e28c741b5e27e47ab7c018395b069caf23a109a6beaef8683

HTTP Headers

GET /css?family=Poppins&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 17 Mar 2023 04:17:15 GMT
date: Fri, 17 Mar 2023 04:17:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-101106124-2

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-101106124-2
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2206)
Size
45 kB (44624 bytes)
Hash
efc2ff934d990ad4f9232b3de863e768
78acc69a0c719ada6d5ba7fe0dcabc0d631e4b42
82efcfd01eb7560752e3f1f1f3c430d8e145a0c8542d4448b44fe5793d7c4512

HTTP Headers

GET /gtag/js?id=UA-101106124-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 17 Mar 2023 04:17:15 GMT
expires: Fri, 17 Mar 2023 04:17:15 GMT
cache-control: private, max-age=900
last-modified: Fri, 17 Mar 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-879903643

142.250.74.168

200 OK

68 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-879903643
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5663)
Size
68 kB (68197 bytes)
Hash
2f75b00937fce0cbde07c0dc427535d3
25cabd7a2c5f1550f51d76faf816c83956e34758
ffb18da253edf379846b1d13c99bbd0cf52aecd705c6b14d9008d986ebda88ad

HTTP Headers

GET /gtag/js?id=AW-879903643 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 17 Mar 2023 04:17:15 GMT
expires: Fri, 17 Mar 2023 04:17:15 GMT
cache-control: private, max-age=900
last-modified: Fri, 17 Mar 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b8674f96ca43579ce968f4769e900fb
51d298ab96af7338da6e3f897e6d8e3379dd650c
46f546e150bf5a1a2b1fa1f5e63aa258f416518b71b9f2721ddf7513027650a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad9728e9366f067a73c2c8684981004b
e63ac04e96abd08afe02e4c81ccccf845e9a7963
1a5bf6c7e03e0d3dda9d76d17859f6c8dfccb1dccf4d69028b3b4f525d457947

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
845dc57b777433830ae9d64a4602a480
167889d8b7479e54619c1b14957f87537d8873a4
d301be6b0fa0700457258218bd1f39f2613c2a20ba428d16a7079f7a87c86447

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ciampinobus.com/css/menu.css

185.136.89.218

200 OK

9.6 kB

URL HTTP/2
ciampinobus.com/css/menu.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (612)
Size
9.6 kB (9635 bytes)
Hash
27bc7d5408b5f9adeee420bb15cee66d
93a93e38262330bfba4922bdb2901268332800ac
e31cc74f10bb13cf4acc021dc2505227377cb596548f81f0803dcd0d664646d7

HTTP Headers

GET /css/menu.css HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: W/"62ea6580-222d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/img/logo_sticky_2x.png

185.136.89.218

200 OK

88 kB

URL HTTP/2
ciampinobus.com/img/logo_sticky_2x.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
88 kB (87553 bytes)
Hash
7d4215b7e69622f0df2a4bf7b335d078
34ba9c55108c9aaa6bd9cd90c42ab00979a4d1a5
66547b7f2b54f28dc54d6b917ebec99b8c4f9041547ad1b1f61afff6ea2452cc

HTTP Headers

GET /img/logo_sticky_2x.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: image/png
content-length: 87553
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-15601"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/pattern.png

185.136.89.218

200 OK

12 kB

URL HTTP/2
ciampinobus.com/img/pattern.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 504 x 504, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12299 bytes)
Hash
f54ed8c132d452fb89669f60ed4af74c
ffa027713ea0e097e9fbf3375ad6cfa2d2f8166a
468242be56e47c2301117a65432b8e4df8f1e8fcda1db3fb9b98ad3ff56c479b

HTTP Headers

GET /img/pattern.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: image/png
content-length: 12299
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-300b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
845dc57b777433830ae9d64a4602a480
167889d8b7479e54619c1b14957f87537d8873a4
d301be6b0fa0700457258218bd1f39f2613c2a20ba428d16a7079f7a87c86447

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 04:17:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ciampinobus.com/img/logo.png

185.136.89.218

200 OK

88 kB

URL HTTP/2
ciampinobus.com/img/logo.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
88 kB (87553 bytes)
Hash
7d4215b7e69622f0df2a4bf7b335d078
34ba9c55108c9aaa6bd9cd90c42ab00979a4d1a5
66547b7f2b54f28dc54d6b917ebec99b8c4f9041547ad1b1f61afff6ea2452cc

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: image/png
content-length: 87553
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-15601"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ciampinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 04:40:13 GMT
expires: Fri, 15 Mar 2024 04:40:13 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
age: 85023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ciampinobus.com/img/visa.png

185.136.89.218

200 OK

4.4 kB

URL HTTP/2
ciampinobus.com/img/visa.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 226 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4399 bytes)
Hash
4dc043ece80aef7b007da59aac56460d
0f736cef4bc4e6d3b29a184cee9a8d6f27d4c895
a728125dc850891e7fbb75cbac19d6764eebe7743e78ff9a02b69ca9576a1796

HTTP Headers

GET /img/visa.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: image/png
content-length: 4399
last-modified: Wed, 03 Aug 2022 12:09:37 GMT
etag: "62ea6581-112f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/mastercard.png

185.136.89.218

200 OK

2.2 kB

URL HTTP/2
ciampinobus.com/img/mastercard.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 50 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2245 bytes)
Hash
fe1fd1c1dabd1b05830de73bf316f276
e5a2bf8fcb22043a1bf0132e052ef1c0bdc3d97d
800b95f62090540c2a6535d39812d626dd520dca38db411db1873beaac97bc28

HTTP Headers

GET /img/mastercard.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: image/png
content-length: 2245
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-8c5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/logo_sticky.png

185.136.89.218

200 OK

88 kB

URL HTTP/2
ciampinobus.com/img/logo_sticky.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
88 kB (87553 bytes)
Hash
7d4215b7e69622f0df2a4bf7b335d078
34ba9c55108c9aaa6bd9cd90c42ab00979a4d1a5
66547b7f2b54f28dc54d6b917ebec99b8c4f9041547ad1b1f61afff6ea2452cc

HTTP Headers

GET /img/logo_sticky.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: image/png
content-length: 87553
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-15601"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/moldova.jpg

185.136.89.218

200 OK

14 kB

URL HTTP/2
ciampinobus.com/img/moldova.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
14 kB (13978 bytes)
Hash
7fb0c831db68ae3918e6c7d49ebfe43e
cae18e521af50ebfdec17ac04e33ea3b6e606e68
ddc98bd400bb00fce61348f5dc522e5f3b20c0e1610400d345fe1ac345e6922b

HTTP Headers

GET /img/moldova.jpg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/jpeg
content-length: 13978
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-369a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/blue-air.jpg

185.136.89.218

200 OK

11 kB

URL HTTP/2
ciampinobus.com/img/blue-air.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
11 kB (10669 bytes)
Hash
0e56f0d4b72db0184956c1ccb4b8021f
3d33ccaa38b0b060fa42061de3a5b24237988cf0
4a21461655895ee5d7acaad11ac9c18102984314cd3849cda36c64d5be0548f3

HTTP Headers

GET /img/blue-air.jpg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/jpeg
content-length: 10669
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-29ad"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/ryanair.jpg

185.136.89.218

200 OK

14 kB

URL HTTP/2
ciampinobus.com/img/ryanair.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
14 kB (14385 bytes)
Hash
a6822e276e86fab61c3fee23c0cf7b48
594a1621bb23f51569ab3e25d16b210a15396044
c9ee6982de7160e1b1cec7b43e0dd5b4d161609838d35abe0a3674c02435f2fe

HTTP Headers

GET /img/ryanair.jpg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/jpeg
content-length: 14385
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-3831"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/volotea.jpg

185.136.89.218

200 OK

10 kB

URL HTTP/2
ciampinobus.com/img/volotea.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
10 kB (10483 bytes)
Hash
c212d15bf772c4c25d413dee90a3093e
55daf7e92e79c34e15734b64dbf0e852995b7ee3
ff9f2038e9f1161d4119907c7e6b94fdbbe9b17d5017defd23fd11c083a84d31

HTTP Headers

GET /img/volotea.jpg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/jpeg
content-length: 10483
last-modified: Wed, 03 Aug 2022 12:09:37 GMT
etag: "62ea6581-28f3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/wizz.jpg

185.136.89.218

200 OK

17 kB

URL HTTP/2
ciampinobus.com/img/wizz.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
17 kB (16700 bytes)
Hash
647470c8c3a7bd1821c5b5b7a63de688
3a1ff2d2ca31ca83f355d050c4c30f1eea98dcfa
2904400676c65f7da9894e0b9155ac0b4c94d387fcb5e603e8a26bb72d1846ee

HTTP Headers

GET /img/wizz.jpg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/jpeg
content-length: 16700
last-modified: Wed, 03 Aug 2022 12:09:37 GMT
etag: "62ea6581-413c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11229
Expires: Fri, 17 Mar 2023 07:24:25 GMT
Date: Fri, 17 Mar 2023 04:17:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11229
Expires: Fri, 17 Mar 2023 07:24:25 GMT
Date: Fri, 17 Mar 2023 04:17:16 GMT
Connection: keep-alive

ciampinobus.com/css/custom.css

185.136.89.218

200 OK

92 kB

URL HTTP/2
ciampinobus.com/css/custom.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
Unicode text, UTF-8 text
Size
92 kB (92264 bytes)
Hash
34b0d50bb11488053956c38a759e34a3
256b3e14a5fbf7aabc8da62b709a11cb853d0651
fabcb1ccab5b3156883de03d577f743080d1294a0690f83254bb172dc144fefc

HTTP Headers

GET /css/custom.css HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: W/"62ea6580-131f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68813662-5a13-47ad-a024-a6b6d499e8a7.jpeg

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68813662-5a13-47ad-a024-a6b6d499e8a7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3500 bytes)
Hash
1515d9d9fd8576d3a90eaa4c89ceffc2
a182169282b5ee90145364440609d1bf74c6fcb9
3fdf6fefb49aec034300a97b9b07dfb412f9d946d77ab3b7d72f537a00580b53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68813662-5a13-47ad-a024-a6b6d499e8a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3500
x-amzn-requestid: d7b22162-f57a-41ce-9f30-ea0f77cd0daf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bp_uuEkUoAMFrGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d7991-579d21c9407bfda30e687536;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W0TPYCmTQ5saEnnh_KYBwtAiab88JAnAFerfevXIvWxGiaYF_oGIGg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 18:25:22 GMT
age: 35514
etag: "a182169282b5ee90145364440609d1bf74c6fcb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35bbebd-fe94-4a9a-89ef-f9766e41b86e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11594 bytes)
Hash
4062ca109e37235c9996cd13acaca8ab
d4fcc855ddd9f7a949b66ba5bceba73f7b0c91bd
800e19d4c2fbb828aedb80542563c95b8f1d6022ff604576ed4943f1fc6d607b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35bbebd-fe94-4a9a-89ef-f9766e41b86e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11594
x-amzn-requestid: b0875d40-ec76-4541-9e9c-0a86c89bdf22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B14BfHOkoAMFXIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64123a09-43982eb560373c1449a90e35;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 21:35:05 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RnPM_j6OB3YRMpbaG14o5uurKLKWWnY04FcFimt9bPQxGiB0FZFocQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 21:49:24 GMT
age: 23272
etag: "d4fcc855ddd9f7a949b66ba5bceba73f7b0c91bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5906 bytes)
Hash
ab1194f894e79ce8de9c4a02925415e8
b06c689355301378aedbe12d01782debc8e2559e
1113a17eb74f317f3879f781f7b2fcb86f7e7da9ff6e18b44288f379cd5a21c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5906
x-amzn-requestid: 81b47546-f999-40fc-887b-1f8e3d9e49b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bz5_JGH2oAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64117060-303925a47d9431f63bf5afaa;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 07:14:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yhJQJKgvv9AxHjr1CFyDo6t5owgihxDs9W-HLMSV2bOb32s8KFFkAw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 01:19:03 GMT
age: 10693
etag: "b06c689355301378aedbe12d01782debc8e2559e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0dfcd0-a709-4ef0-aefb-63095f0db32f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9390 bytes)
Hash
a9e67d3be146dd66ca50e32044c48bf9
8ff206902ecdd965b23b8b6c62f49c2d7cdce479
a2f4fcce54e63768ae6e61936957d7da8e71e85c72f32eb5fd2fe905c0eadc1a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0dfcd0-a709-4ef0-aefb-63095f0db32f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9390
x-amzn-requestid: d0fafa96-55da-43c8-980a-ef28c58f68f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5LISFVMoAMFXVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64138bce-3a25feea7def6eeb559ec71c;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: pCEuf9REXLGGHIIZZxxgzOTCPqdgO0rQawd_C7EFJ9b3JJPJT5DlVQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:02:26 GMT
age: 22490
etag: "8ff206902ecdd965b23b8b6c62f49c2d7cdce479"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8487 bytes)
Hash
be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: f904b483-c6ae-4318-9932-4e48d8188585
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvTpAEUAIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f996c-5905cad6148df52e4f10ecf5;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:45:16 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iFDVPB-wzZyIG9xYU-f3rnebwRbaWDo90aD520OcgsptZR0vmkc2ew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 23:00:04 GMT
age: 19032
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfbc0b0-3e7e-47a7-b22b-6d6a6259887a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7269 bytes)
Hash
76ed7e7c3fa044700e7ef8125c0f6d76
f4bd84a84c4b791abfdf7901e354d03fc6187c70
0598004fffbe1553cb2f5d9e48dbaf9a29a55c9c17d8581449ed02e115a10921

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfbc0b0-3e7e-47a7-b22b-6d6a6259887a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7269
x-amzn-requestid: b7b455b3-621c-4d9b-87bb-4819af675b23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5K3XHCZIAMFjpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64138b62-5ed1eeae1a9b27e07281fab8;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 50uLNIH5oiI-qphMV6_LbVui_WhkxbiLFx1-Qyt4EL0vq1dmlmo4gw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 21:53:30 GMT
age: 23026
etag: "f4bd84a84c4b791abfdf7901e354d03fc6187c70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.ciampinobus.com/img/es.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.ciampinobus.com/img/es.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/es.svg HTTP/1.1
Host: www.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html
content-length: 162
location: https://ciampinobus.com/img/es.svg
X-Firefox-Spdy: h2

www.ciampinobus.com/img/gb.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.ciampinobus.com/img/gb.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gb.svg HTTP/1.1
Host: www.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html
content-length: 162
location: https://ciampinobus.com/img/gb.svg
X-Firefox-Spdy: h2

www.ciampinobus.com/img/fr.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.ciampinobus.com/img/fr.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/fr.svg HTTP/1.1
Host: www.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html
content-length: 162
location: https://ciampinobus.com/img/fr.svg
X-Firefox-Spdy: h2

www.ciampinobus.com/img/it.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.ciampinobus.com/img/it.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/it.svg HTTP/1.1
Host: www.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html
content-length: 162
location: https://ciampinobus.com/img/it.svg
X-Firefox-Spdy: h2

www.ciampinobus.com/img/pt.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.ciampinobus.com/img/pt.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pt.svg HTTP/1.1
Host: www.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html
content-length: 162
location: https://ciampinobus.com/img/pt.svg
X-Firefox-Spdy: h2

www.ciampinobus.com/img/pl.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.ciampinobus.com/img/pl.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pl.svg HTTP/1.1
Host: www.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html
content-length: 162
location: https://ciampinobus.com/img/pl.svg
X-Firefox-Spdy: h2

www.ciampinobus.com/img/ro.png

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.ciampinobus.com/img/ro.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /img/ro.png HTTP/1.1
Host: www.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html
content-length: 162
location: https://ciampinobus.com/img/ro.png
X-Firefox-Spdy: h2

ciampinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.7256e3ed81b9261a3dc2.js

185.136.89.218

200 OK

198 kB

URL HTTP/2
ciampinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.7256e3ed81b9261a3dc2.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
198 kB (198452 bytes)
Hash
95135adc6ae53d7f0fe74cff23948061
455153f00944eb8f1f5ad6d06038139aaf528302
064a014fd64ca8ceef36299e5b0d73fc9540037dcbb6675bd444bea7fe666f5f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.7256e3ed81b9261a3dc2.js HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:09:37 GMT
etag: W/"62ea6581-16a0b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/css/app.css

185.136.89.218

200 OK

41 kB

URL HTTP/2
ciampinobus.com/css/app.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
41 kB (40642 bytes)
Hash
c24778abd67f76bdc919093ee99b2115
33d0450c52d1cb9b9028f671d47e3611b5b2ac8f
9aa8327b6deb656602b94a59a29cb214c51639c5ba29eae0898fb41517fe69c7

HTTP Headers

GET /css/app.css HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:14 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: W/"62ea6580-3f8ae"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/js/app.js

185.136.89.218

200 OK

181 kB

URL HTTP/2
ciampinobus.com/js/app.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
181 kB (180625 bytes)
Hash
efee17630ebab8b3a6e27e137a1d0810
79bc787dc829d91e9b5f110303d38c006d4e3ae0
78f4fd445a6379879ca08554c5aeea2fda6c2dd84293e5a526f097ab5daacc6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/app.js HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:09:37 GMT
etag: W/"62ea6581-a6400"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/js/components-JourneySelector.ef258e0744cfa3a99f29.js

185.136.89.218

200 OK

68 kB

URL HTTP/2
ciampinobus.com/js/components-JourneySelector.ef258e0744cfa3a99f29.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
Unicode text, UTF-8 text, with very long lines (15107)
Size
68 kB (68538 bytes)
Hash
f530472d09ac7bef0f813cba85656e7b
47f44376bdb14b6157a63d5d06e24f55da9f0e04
175b02664aaf9585b9488ef8678ac2309b7f09982589e38d8c8d42ac3e169afb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-JourneySelector.ef258e0744cfa3a99f29.js HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:09:37 GMT
etag: W/"62ea6581-3b51"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/img/gb.svg

185.136.89.218

200 OK

834 B

URL HTTP/2
ciampinobus.com/img/gb.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
834 B (834 bytes)
Hash
b518e6a9d34783d12f1d71b014e7abb6
05e325c26f7527f3eeb957ee5f426318f44b5e67
ce93c8a6b974d63998e263f6d25f898fc20580a28464457f2f4463b687e4fe8d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gb.svg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciampinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/svg+xml
content-length: 834
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "342-5e5551b529942"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ciampinobus.com/img/it.svg

185.136.89.218

200 OK

295 B

URL HTTP/2
ciampinobus.com/img/it.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
295 B (295 bytes)
Hash
529a7e6acbba61dafee3d7dfa6be0612
8f11f413db0778773570dded673c79c9225c31da
d2c168050fc509adac1163b097b0ed409217560735b27802ae9259587c146562

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/it.svg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciampinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/svg+xml
content-length: 295
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "127-5e5551b52a8e2"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ciampinobus.com/img/fr.svg

185.136.89.218

200 OK

295 B

URL HTTP/2
ciampinobus.com/img/fr.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
295 B (295 bytes)
Hash
9a5dcb2a490e33157ea7335c0a0e5aaa
dd1e77f728abca0e5dffd1dd225e700d205b45f7
30ed2f68dc9a17927643640f48f3d2a858bd041770547035349c6e79713cd84e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/fr.svg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciampinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/svg+xml
content-length: 295
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "127-5e5551b529942"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ciampinobus.com/img/pt.svg

185.136.89.218

200 OK

8.4 kB

URL HTTP/2
ciampinobus.com/img/pt.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (606)
Size
8.4 kB (8393 bytes)
Hash
07f887f292303c33cff1f7edfff3bb70
7a75945aa92f7a3dd5aeb0cc01f3f8798d44e2d5
9aab20caed714ee47fc408f017037aea94a649b3ba4d87e2da37870ee31e4f92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pt.svg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciampinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/svg+xml
content-length: 8393
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-20c9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/pl.svg

185.136.89.218

200 OK

225 B

URL HTTP/2
ciampinobus.com/img/pl.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
225 B (225 bytes)
Hash
aa9329e76696c5835da30ce63de55721
80c26923e9b5914e3dd39719660c381ed89ef840
df8ec3d0ac33382e0b276fd1bfafb80b8914b4670f8e5676d9419f8bb5d89419

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pl.svg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciampinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/svg+xml
content-length: 225
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "e1-5e5551b537bd2"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ciampinobus.com/img/ro.png

185.136.89.218

200 OK

138 B

URL HTTP/2
ciampinobus.com/img/ro.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 38 x 25, 8-bit/color RGB, non-interlaced\012- data
Size
138 B (138 bytes)
Hash
c43c3f93a9615869f6cc956dfe817779
cc5d45912b0935587b77e3360c89d1b0c910df2f
765ea57ad7fcf6aabd8da4b1b09a57b3f7faf818e4e8d92c0572703d1d78fb6b

HTTP Headers

GET /img/ro.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciampinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/png
content-length: 138
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "8a-5e5551b5383a2"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ciampinobus.com/

185.136.89.218

200 OK

725 kB

URL HTTP/2
ciampinobus.com/
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41468)
Size
725 kB (724699 bytes)
Hash
9893ba80d5fcb98a0d19c160b00d8db2
599abe46d37326044fa3fabba1e27db3409f2dd8
7b642d03c7f62d077dd1331a1c0a47fff81e23b42c365a749ad3ca0c148038ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:14 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; expires=Fri, 17-Mar-2023 06:17:14 GMT; Max-Age=7200; path=/
ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D; expires=Fri, 17-Mar-2023 06:17:14 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/img/es.svg

185.136.89.218

200 OK

93 kB

URL HTTP/2
ciampinobus.com/img/es.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2367)
Size
93 kB (92574 bytes)
Hash
f5311bf6aafc2459d2696b15aa933570
942a5a37d3455e70ca9b6b3710d3a32b6b137822
50e59681c6b6412498bd9cbfc473abedc713db75c54c538b839db3c394d64499

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/es.svg HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciampinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/svg+xml
content-length: 92574
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-1699e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 17 Mar 2023 03:53:25 GMT
expires: Fri, 17 Mar 2023 05:53:25 GMT
cache-control: public, max-age=7200
age: 1432
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js

54.230.111.73

200 OK

68 kB

URL HTTP/2
script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js
IP
54.230.111.73:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (50842)
Size
68 kB (68544 bytes)
Hash
091dc0b7a90675e0aa9a621de17b6353
18c4d82c97f4e5b0c0bc425ee2ea120f4d2b75d6
9274faf6bbcc68764c057276c897ee24d9d690eba165156b458433c90de26a54

HTTP Headers

GET /modules.b58f4dbb50ff88fc1f15.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68544
date: Wed, 15 Mar 2023 16:17:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "091dc0b7a90675e0aa9a621de17b6353"
last-modified: Wed, 15 Mar 2023 16:16:09 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 51VTVp_oYg_2sVx8X_2SNi9Ilz9cR6xyj6ucan7HsK-cMbIYeKx_qQ==
age: 129610
X-Firefox-Spdy: h2

ciampinobus.com/img/favicon.ico

185.136.89.218

200 OK

32 kB

URL HTTP/2
ciampinobus.com/img/favicon.ico
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
470ac769e31783d7e6ff8733d8d5a47d
6c3b510c99afa50b59e1edd0be4b67d13ecf12bd
a72779d89f095b976d583c78372684b1831f7a61378e54dfbd01b6da74b3021e

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: image/vnd.microsoft.icon
content-length: 32038
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: "62ea6580-7d26"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ciampinobus.com/img/apple-touch-icon-144x144-precomposed.png

185.136.89.218

404 Not Found

472 B

URL HTTP/2
ciampinobus.com/img/apple-touch-icon-144x144-precomposed.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
472 B (472 bytes)
Hash
d158a18b1afff63c2060e2838cfdd73c
f9fbee2c31a127c7b908cf3937c7229e6b98050f
de2812c83325cf95ad83d9d28899c90635b597450a2ccb77215962d247aec373

HTTP Headers

GET /img/apple-touch-icon-144x144-precomposed.png HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
cache-control: no-cache, private
content-encoding: br
X-Firefox-Spdy: h2

ocsp.e2m02.amazontrust.com/

54.230.80.227

200 OK

278 B

URL HTTP/1.1
ocsp.e2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
278 B (278 bytes)
Hash
c4a300b80f5d0cb07bb5d89f582e6afa
ba457a1faf9785d7cd53446953139c425e11d69a
2e05e37d579dbb7b1fb2f816d4ee018095be379cc1537c94ca15fb9b9ad56482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 278
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122053
Date: Fri, 17 Mar 2023 04:17:17 GMT
Etag: "64130c05-116"
Expires: Sat, 18 Mar 2023 14:11:30 GMT
Last-Modified: Thu, 16 Mar 2023 12:31:01 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -xQcrGJk4XAIfeSnCErCIntETM1hjZJLrvE8VGsvt3_BNnicWRn5pw==
Age: 6029

ocsp.e2m02.amazontrust.com/

54.230.80.227

200 OK

280 B

URL HTTP/1.1
ocsp.e2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
280 B (280 bytes)
Hash
c9d562e523b8c5447f572122b975930d
205df9b6b49347aa89cb7605475d287ba92cdba7
18127f7f6186a2d23c8023b6c26f574d70b48ecf3198d479b943d9da555ea548

HTTP Headers

POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148169
Date: Fri, 17 Mar 2023 04:17:17 GMT
Etag: "641379c1-118"
Expires: Sat, 18 Mar 2023 21:26:46 GMT
Last-Modified: Thu, 16 Mar 2023 20:19:13 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M0BNAgQ9NAzIYNaadKppqLDRjiwMTiKB0v02vPDmKJTxD_xUZh8jiA==
Age: 4053

wsp28.hotjar.com/api/v2/client/ws

34.247.149.123

101 Switching Protocols

0 B

URL HTTP/1.1
wsp28.hotjar.com/api/v2/client/ws
IP
34.247.149.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v2/client/ws HTTP/1.1
Host: wsp28.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ciampinobus.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: STbAQHdVLcZfnwLsIl+eXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 17 Mar 2023 04:17:17 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TipUfweKXBOV4YU3rtG8uGx48TU=
Sec-WebSocket-Extensions: permessage-deflate

in.hotjar.com/api/v2/client/sites/1963488/visit-data?sv=6

52.50.121.74

200 OK

151 B

URL HTTP/2
in.hotjar.com/api/v2/client/sites/1963488/visit-data?sv=6
IP
52.50.121.74:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
151 B (151 bytes)
Hash
d7cc43fcd57c0d837167219fc9bde7ee
8a3afcf29363ded58064579f3cec75755c3a288d
ae6d6d8b6de041ad76511d9b76fe17b93930276372b2e4c62ba5325b94964ff7

HTTP Headers

POST /api/v2/client/sites/1963488/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://ciampinobus.com
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 17 Mar 2023 04:17:17 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/js/components-DIalogs-CovidDialog.dc8dc208881ad27eeae6.js

185.136.89.218

200 OK

0 B

URL HTTP/2
ciampinobus.com/js/components-DIalogs-CovidDialog.dc8dc208881ad27eeae6.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-DIalogs-CovidDialog.dc8dc208881ad27eeae6.js HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:16 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:09:37 GMT
etag: W/"62ea6581-7a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/css/style.css

185.136.89.218

200 OK

0 B

URL HTTP/2
ciampinobus.com/css/style.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/style.css HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: W/"62ea6580-11ec6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/css/base.css

185.136.89.218

200 OK

0 B

URL HTTP/2
ciampinobus.com/css/base.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/base.css HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:14 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: W/"6d-5e5551b50ad12"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ciampinobus.com/css/animate.min.css

185.136.89.218

200 OK

0 B

URL HTTP/2
ciampinobus.com/css/animate.min.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/animate.min.css HTTP/1.1
Host: ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBGU2FWczJYM1l5REpmUmwxcmdVdHc9PSIsInZhbHVlIjoiSHZTdU9HM1p3RnliNUtFc1hoQ2hJbjhscStjaHNSRytGMUZTU21wTE0zbTJVWWZXL0dOeFBkc2VvQndjQ0tkR3JQS2ZMKzRQK0RSbkJZNkdvMmhHSkM0WFFOc1F5WFowaFNvNVV5aGZSMnpZREZlUDlpUnc0b1lDZmZYUWdiSDUiLCJtYWMiOiJjOGNjYzFmMzI3NjJjMzViMjQ3MGE4YmJkN2QzY2ExYThkYmE5NDVkYjFlNDRiZjVhZGJiNmFiMzMxZWRmZDJmIn0%3D; ciampinobus_session=eyJpdiI6IkVWUHB5NjRxaEY2Z1BKSWNlVXZ6N2c9PSIsInZhbHVlIjoiU2FJNmorZ3YvVUhqRmZ3alN1aDBMWTlEL3dUZ1R3SjF1dWRSM052Yk9FenFrQzZNeithTEZYczJVSnhIYnZFdFJpT1RGRHlvUDlMZG1pVTFwdm05cjBWZGZRQysvc3hqN3NqRE1tTFZzTUQ5bEZCenN2WU1oRWNXd1A1YituUzIiLCJtYWMiOiJlOTJkODk2OGU5MGFmZDAwZjJmMzdhNTJhNDE1ZDRkMDY0NWUxZjZmMDExMzQyNjBmZjkzOTVlN2Q1MGIzMTExIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 04:17:15 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:09:36 GMT
etag: W/"62ea6580-d0bc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1963488.js?sv=6

54.230.111.113

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-1963488.js?sv=6
IP
54.230.111.113:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-1963488.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 17 Mar 2023 04:17:17 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/bfae0e8a2898e51d946f1fa0078c3ce8
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Hi_OiMM7hOS_dVRYFPiuxvveoZucZ7R710nPLNe-ElDd7zkhM5V63w==
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 17 Mar 2023 04:17:15 GMT
date: Fri, 17 Mar 2023 04:17:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciampinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 17 Mar 2023 04:17:15 GMT
date: Fri, 17 Mar 2023 04:17:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML