Report - swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session

Report Overview

Submitted URL
swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
IP
128.199.38.52
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-09-27 02:45:56
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	42 kB	104.17.24.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.20.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	54 kB	142.250.74.163
swappauto.staging.lcsolutions.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	1.0 MB	128.199.38.52
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	4.3 kB	151.101.85.229
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.223.168.227
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	swappauto.staging.lcsolutions.it/login	Phishing
2022-09-27	medium	swappauto.staging.lcsolutions.it/assets/js/custom.js	Malware
2022-09-27	medium	swappauto.staging.lcsolutions.it/assets/js/app.min.js	Malware
2022-09-27	medium	swappauto.staging.lcsolutions.it/assets/js/vendor.min.js	Malware
2022-09-27	medium	swappauto.staging.lcsolutions.it/images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/js/select2.min.js	65 kB	2023-03-07	2024-04-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/js/select2.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen139 Hash 2b1cec0f82cadbfe86c6f83a4ac84d4b e913f50e0dae53886d8c1f01fb57cf87208272bf ff6377c5173c4ee30318481c90cb7cc19987f2f5304871236266df11b0f48696 Loading...

	cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js	12 kB	2023-03-07	2024-04-13
Pretty URL cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen205 Hash 026f2e71bca5cc6a5761dd6b29fb79c9 1eee60fd47ffdaf553e9f7efb70a9da73818064c 8cb16ff6222b21ba8a50b1e9aa9fe399e3c3aa2f7cf6929739c3a1b77ce045cc Loading...

	swappauto.staging.lcsolutions.it/assets/js/app.min.js	9.0 kB	2023-03-07	2024-04-13
Pretty URL swappauto.staging.lcsolutions.it/assets/js/app.min.js IP 128.199.38.52 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen51 Hash da57dd32113013c6690373f5ad6efc23 a2f2ed500178c6b95f390f92af63d2c53d5a2d5d 77c5ea962fe05d20e92f81c51ffc9e83727968b35807d08d4308915a48dc1a66 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 22:13:49 Times Seen36947657 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	swappauto.staging.lcsolutions.it/assets/js/custom.js	1.7 kB	2023-03-07	2024-04-13
Pretty URL swappauto.staging.lcsolutions.it/assets/js/custom.js IP 128.199.38.52 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen51 Hash e0c4385bb7a11df134206e8b07137de0 9b4b7deb9c44f5e2569a7dca4626842f15a95824 1ec124e44f6191a2bad073f2981571a781c416850e36b2b68d189fae82a74de8 Loading...

	swappauto.staging.lcsolutions.it/login	1.0 kB	2023-03-07	2023-11-28
Pretty URL swappauto.staging.lcsolutions.it/login IP 128.199.38.52 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2023-11-28 08:28:09 Times Seen3 Hash 65cdedb4d49ce4c4c7c68fa68c1b7d09 d7067b4eb9154eb2b42db61fbde5e808bf52d814 2421e66fb02b83231846b1e6ebd7465ae9adf1219248d330c35b8e4fc01c4a4b Loading...

	cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js	34 kB	2023-03-07	2024-04-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen136 Hash 89f87298ad94aa1e6b92f42eb66da043 d8c0a049a5431416c60f152386dd6f3beaabbba4 b8559046a798fb7e60a22975d8cc0be190c63702654a7074d7e3f0b2ac4bd51a Loading...

HTTP Transactions (46)

URL IP Response Size

swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...

128.199.38.52

301 Moved Permanently

296 B

URL HTTP/1.1
swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
296 B (296 bytes)
Hash
c74a5e0a10bd9f5802fabc2bba9b7915
0929537f37b55f9ef8cc2719de6a931acb2a5b7e
08aba42801b1fbc7d954b2f0a694450ad581bf6b48d3afb6ff80409a7943f3e1

HTTP Headers

GET /ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51... HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 02:45:45 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Location: https://swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
Content-Length: 296
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4929
Expires: Tue, 27 Sep 2022 04:07:54 GMT
Date: Tue, 27 Sep 2022 02:45:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 02:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TILG9jKNCBzY14o6IFDcH5xDXJnDv7gpdX4QN4UuoQkzhbfhffSBGQ==
Age: 1815

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qwOoKSx92uADrJuR1pMpwUSBtvwWDyArBgwILSrYkJIxCSEIRqDnrw==
age: 79830
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 02:45:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
df63afa9e6d5b071ed9ebb83a2d21c7a
a6adca5cf9f0bcc728dc67fc8292dc1f6b83f42d
923f22c17b4e31f5111bc2f2e53e3235a30cec8880addc46f4344a855bb1b05a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "923F22C17B4E31F5111BC2F2E53E3235A30CEC8880ADDC46F4344A855BB1B05A"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Tue, 27 Sep 2022 08:45:35 GMT
Date: Tue, 27 Sep 2022 02:45:46 GMT
Connection: keep-alive

swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...

128.199.38.52

302 Found

430 B

URL HTTP/1.1
swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
430 B (430 bytes)
Hash
8ecf23bf15844662855c55791c0d90f3
c99052f1f2bd2964269b4f3d244d909944212635
0905f5a9af6791b0dcc79f4704119fb12898448664f53367feca92399675e534

HTTP Headers

GET /ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51... HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
X-Powered-By: PHP/7.4.20
Cache-Control: no-cache, private
Location: https://swappauto.staging.lcsolutions.it/login
Set-Cookie: XSRF-TOKEN=eyJpdiI6InJDUFNSdzdxcWpINmN1RUtRK2JFRFE9PSIsInZhbHVlIjoibHF0c0dRaGh6dm9xR0k0V202U01DSkZGT2M5RnRxTE1SejlWTWt4M2dwQUZvazhGUG9kUDFXTHg4OVVJNUp3SyIsIm1hYyI6ImRlMWMzM2E5MTNjZjViNTRiNmVjOGI4NjZjYjU1MmQ2MDZjYTY1OGIwNDUwNjk0ZGMxMjNlYjA3OWNmMTI1ZDYifQ%3D%3D; expires=Wed, 05-Oct-2022 10:45:46 GMT; Max-Age=720000; path=/; samesite=lax
swappauto_session=eyJpdiI6ImtRUGZKTDkzWTRxL3dCRkVVSUJaY1E9PSIsInZhbHVlIjoicFRER3kyaUlBNGxLMVFiRm9LQWd5SDQ5SExTc3JabVZDa2hhL2FJOU9FZDdQRGtjYjIvdVNlWFIycXZIMlhJeCIsIm1hYyI6IjQ1MDA4MzhkYzljZDM4ZWFkMTJmYTFhYmRmMmQ1MDQ4NDQ5YmI2NGI2MDE2N2Y1YzM5MDQyZjc0Nzc1ZWI2OTMifQ%3D%3D; expires=Wed, 05-Oct-2022 10:45:46 GMT; Max-Age=720000; path=/; httponly; samesite=lax
Content-Length: 430
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

swappauto.staging.lcsolutions.it/login

128.199.38.52

200 OK

9.2 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/login
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
9.2 kB (9174 bytes)
Hash
5b5a5002a539eef479478a9cc6e913f8
0ac2c62d8dd966b916005b7895e27a3b7c64395e
8b27338d7c6ab2f11cfb6ed037b9a810a077526c9651f97042087492dd44cb0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InJDUFNSdzdxcWpINmN1RUtRK2JFRFE9PSIsInZhbHVlIjoibHF0c0dRaGh6dm9xR0k0V202U01DSkZGT2M5RnRxTE1SejlWTWt4M2dwQUZvazhGUG9kUDFXTHg4OVVJNUp3SyIsIm1hYyI6ImRlMWMzM2E5MTNjZjViNTRiNmVjOGI4NjZjYjU1MmQ2MDZjYTY1OGIwNDUwNjk0ZGMxMjNlYjA3OWNmMTI1ZDYifQ%3D%3D; swappauto_session=eyJpdiI6ImtRUGZKTDkzWTRxL3dCRkVVSUJaY1E9PSIsInZhbHVlIjoicFRER3kyaUlBNGxLMVFiRm9LQWd5SDQ5SExTc3JabVZDa2hhL2FJOU9FZDdQRGtjYjIvdVNlWFIycXZIMlhJeCIsIm1hYyI6IjQ1MDA4MzhkYzljZDM4ZWFkMTJmYTFhYmRmMmQ1MDQ4NDQ5YmI2NGI2MDE2N2Y1YzM5MDQyZjc0Nzc1ZWI2OTMifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
X-Powered-By: PHP/7.4.20
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; expires=Wed, 05-Oct-2022 10:45:46 GMT; Max-Age=720000; path=/; samesite=lax
swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D; expires=Wed, 05-Oct-2022 10:45:46 GMT; Max-Age=720000; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 02:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 02:36:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F-i-1MVVD_LcX42z2w4am5B5TGYlD6bLo5kUCzv5mCeEzTs4PACcnQ==
Age: 2100

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css

104.17.24.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22251)
Size
2.9 kB (2884 bytes)
Hash
c95836475d24dd21df887fd9775bd278
d2bc2d6ecba53190a2a1e38cdf846894dfd07471
ba23f357f2043203399507f85be70057566103b77f2ab757eff8cb0d86286857

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 02:45:46 GMT
content-type: text/css; charset=utf-8
content-length: 2884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1589666
expires: Sun, 17 Sep 2023 02:45:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRnSlXivgzjs0wLyphX6YqrrSF5JueVkQkwVTpD6PnP3dUc9NYRj8pMNH%2FU30Qqtcnlp2USvyslE0idgpMDC%2FFA1rCB5uvANOTbYHyXoCh%2BBfIgu3XYIbwMHfcM7M5WPwFVHwGXa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7510e7b4990cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/css/select2.min.css

104.17.24.14

200 OK

1.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/css/select2.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15089)
Size
1.6 kB (1613 bytes)
Hash
0a6ea1077e31fbe5384e2e000487d9cb
75955b385b3629ceb4515503483c3bd09cbf1bbb
1d4ba8cf978784c2b761105722f2003388b50f671bc9157ed01fa6658b2732ba

HTTP Headers

GET /ajax/libs/select2/4.0.1/css/select2.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 02:45:46 GMT
content-type: text/css; charset=utf-8
content-length: 1613
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-3af2"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9690754
expires: Sun, 17 Sep 2023 02:45:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqHisCOMKOzxQs362u2IjAH9mzNcYzD78JXKkF94i495xAqEiZLjlcXSv5TlmWThMFksJik3ac%2FStFbfBu8%2Fsx0Afp%2B%2B8KNAwLaqfHnJ%2FV75CfygbD7DX3oEBsoUANHDuvCxN%2BCU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7510e7b4990db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js

104.17.24.14

200 OK

11 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32049)
Size
11 kB (10559 bytes)
Hash
59c564c62d3b9eabdb8d57df2efd1dab
cbe0dfa31901b825a33afa6a1cc294a098ef5118
70f4a330320cf383edbf4ee9ae5c5f0670ad7fefb34b298e59cd249bc9391224

HTTP Headers

GET /ajax/libs/moment.js/2.8.4/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 02:45:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 10559
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-83f7"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1052703
expires: Sun, 17 Sep 2023 02:45:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1Hk%2FUMk8FzNEb4jmnvO5x%2B5MJhgaNqc2MLKgkj4GDKJqkC0k3ADwO%2F5moIJbJvA0fc1%2Fzline112tE5rL%2FNFz6I8dgapoXsL74n8c7riTgV5TTw2GEPyGlG92hvm7%2ByCgtH%2FG%2Fg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7510e7b49911b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/js/select2.min.js

104.17.24.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/js/select2.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (32082)
Size
15 kB (15274 bytes)
Hash
e1764cd1f9fdb2d05a2bf72394157137
d5f310b35b1793b3961358834f7f90f8bae5d1c1
ba98e7891e8682e0af023536d5864565b59d08710c46033837f35f57a9749c3e

HTTP Headers

GET /ajax/libs/select2/4.0.1/js/select2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 02:45:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 15274
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-fd75"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9533767
expires: Sun, 17 Sep 2023 02:45:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BiuSMXtep8YihPX7qEHy9BiOPkD1%2FAUq4DEKq9MnwPLARmhvrPc8okxI9qmRn%2B3Z%2FKlLP0FJNBNcMgSXBom%2BMGWAKxnuyqWkvUN5hdF4KE7kOnsOj0pra5oSKb%2F7crmjb1MUFCU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7510e7b4990fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js

104.17.24.14

200 OK

6.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27605)
Size
6.4 kB (6362 bytes)
Hash
605ded73021977319ac6e0ec73d764c9
b3c3248ea835fb413836d6adb30732a762c9e87d
bd656cd4a6496fb09dc41b1773c060564d4c521b458a4c435b7e18ce1ec97503

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 02:45:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 6362
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6cf8"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9693018
expires: Sun, 17 Sep 2023 02:45:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jyn%2FMJo0nHnaUIKZ%2FJhrZ5pMFxRHTVPvZFUU97rq%2FB7L5vzTJMWw09gIDsN7nZVqXrTESmwtbim16ZZSGaApBLPiQV0oasmri1P87FD%2FZIqfeeo58QL8gxUYzAHqxElZsB8Mspem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7510e7b4a913b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js

151.101.85.229

200 OK

3.6 kB

URL HTTP/2
cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (11601), with CRLF line terminators
Size
3.6 kB (3559 bytes)
Hash
8aad0f59b2229529376bb289e7dfdab0
6dea75506601cff6b99b31259b9775c391229eb9
33b68d453241e81706e15fd418af3005a5e3d538ac65db0771fba233d733a8be

HTTP Headers

GET /npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.1.7
x-jsd-version-type: version
etag: W/"2f04-Hu5g/Uf/2vVT6ffvtwqdpzgYBkw"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 02:45:46 GMT
age: 2347594
x-served-by: cache-fra19122-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3559
X-Firefox-Spdy: h2

swappauto.staging.lcsolutions.it/css/custom.css

128.199.38.52

200 OK

366 B

URL HTTP/1.1
swappauto.staging.lcsolutions.it/css/custom.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
366 B (366 bytes)
Hash
d117acedc2fca10742c496681f510311
aa66ba504983bcee0e63286ec703e5d539ab6ef3
c1b4999b8d045fb59b0740046b0f514fd0a04eb797d1029c1d9b725120ae773d

HTTP Headers

GET /css/custom.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "16e-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 366
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

swappauto.staging.lcsolutions.it/assets/js/custom.js

128.199.38.52

200 OK

1.7 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/js/custom.js
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Unicode text, UTF-8 text
Size
1.7 kB (1679 bytes)
Hash
e0c4385bb7a11df134206e8b07137de0
9b4b7deb9c44f5e2569a7dca4626842f15a95824
1ec124e44f6191a2bad073f2981571a781c416850e36b2b68d189fae82a74de8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/custom.js HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "68f-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 1679
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

swappauto.staging.lcsolutions.it/assets/css/icons.min.css

128.199.38.52

200 OK

71 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/css/icons.min.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Unicode text, UTF-8 text, with very long lines (391)
Size
71 kB (71066 bytes)
Hash
c6f89cd5fe6024ca889ced1dbde94d6d
ecdb7bf19fa109c4403de11a0b494210f2cc52ac
10a59236d1ed5f775c089be201525aa8ca0db9697fb95e22fb811a1daddb3ab4

HTTP Headers

GET /assets/css/icons.min.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "1159a-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 71066
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

swappauto.staging.lcsolutions.it/assets/js/app.min.js

128.199.38.52

200 OK

9.0 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/js/app.min.js
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
9.0 kB (8980 bytes)
Hash
da57dd32113013c6690373f5ad6efc23
a2f2ed500178c6b95f390f92af63d2c53d5a2d5d
77c5ea962fe05d20e92f81c51ffc9e83727968b35807d08d4308915a48dc1a66

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/app.min.js HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "2314-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 8980
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:45:46 GMT
Last-Modified: Tue, 27 Sep 2022 01:18:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

swappauto.staging.lcsolutions.it/assets/css/app.min.css

128.199.38.52

200 OK

73 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/css/app.min.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
73 kB (72658 bytes)
Hash
c724250f9f7717cc088e36cf63acf321
5104064891b890fca7cd34e52755c8a4b7daac2a
425f9b7a4666374341c244c677a3593ca47da84d7d11d868b88b2f783376595b

HTTP Headers

GET /assets/css/app.min.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "11bd2-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 72658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
100b8c66c962c44d11b03802c1bd4cb5
8eb84e6582fc2ede85fec38a2852818fc5818c6d
d78f522eadf8031ca234a831cd206dc5ba592b879d5c6623800d0c0c6ba44976

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "D486035C316A65068A9B890161915CA405D7CC2B"
Expires: Tue, 27 Sep 2022 13:00:00 GMT
Last-Modified: Tue, 27 Sep 2022 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2819
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7510e7b58e1d0b61-OSL

swappauto.staging.lcsolutions.it/assets/images/logo.png

128.199.38.52

200 OK

31 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/images/logo.png
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 500 x 494, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (31407 bytes)
Hash
ca8b1a3af41121f5f49c3beaeebe5982
d4fe07926e8b7ab76cf4ea02a4b89ced2c569edc
ad28d53b5cc9e0d61743f4d80c6f37753cfeea10220c72ff2c82e27ca3dcd2fd

HTTP Headers

GET /assets/images/logo.png HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "7aaf-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 31407
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

swappauto.staging.lcsolutions.it/assets/js/vendor.min.js

128.199.38.52

200 OK

595 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/js/vendor.min.js
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
595 kB (594780 bytes)
Hash
86ac6995577bd9f7a3ac4208a29f091a
81c97551e11c15c0e208607d2feda909e82e568f
54b997ff7c38a053429e99c7aa3a6d1a88536298d892e846746049c8a1207bd7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/vendor.min.js HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "9135c-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 594780
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swappauto.staging.lcsolutions.it/images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed

128.199.38.52

200 OK

233 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.10], baseline, precision 8, 2000x3000, components 3\012- data
Size
233 kB (233075 bytes)
Hash
3a07778ed82f7d0fba5493bfc60f5af1
4d4f46423df7be2603288b3d37947e122dbd10a9
4f3a2c5ef66fb5e46bf982e0737ddeb7de330e77790e7ecffe76a3f71f433efa

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/assets/css/app.min.css
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "38e73-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 233075
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swappauto.staging.lcsolutions.it/assets/css/bootstrap.min.css

128.199.38.52

200 OK

472 B

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/css/bootstrap.min.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "3096b-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 199019
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17364, version 1.0\012- data
Size
17 kB (17364 bytes)
Hash
a8c24ee1c2db8b27eaec48b3d85b6e5a
ef3332a6231b4ad7777a0e6d01251f4bc32044e2
00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e

HTTP Headers

GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:25:11 GMT
expires: Tue, 26 Sep 2023 21:25:11 GMT
cache-control: public, max-age=31536000
age: 19235
last-modified: Mon, 09 May 2022 18:32:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size
17 kB (16980 bytes)
Hash
8a97f720d330e75ccdbda9ae0e9f5e90
8e4fee916581ab48d385187705667cebc7500afe
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

HTTP Headers

GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:02 GMT
expires: Tue, 26 Sep 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 20264
last-modified: Mon, 09 May 2022 18:33:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size
17 kB (17156 bytes)
Hash
7e344afc10a492d516789f072fa6edfd
f38bd0b4e9d0577528f533b8ecd80801a0c6340f
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

HTTP Headers

GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:23:18 GMT
expires: Tue, 26 Sep 2023 21:23:18 GMT
cache-control: public, max-age=31536000
age: 19348
last-modified: Mon, 09 May 2022 18:33:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

swappauto.staging.lcsolutions.it/assets/images/favicon.ico

128.199.38.52

200 OK

9.7 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/images/favicon.ico
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Size
9.7 kB (9662 bytes)
Hash
23284715084f7fee0c5ee4625ad332e1
3655d51cb444a5e33e1e8811ba6c516f46c40c8d
6930646976f63a4e5dfa27e4b57647004e0a9366523657f157486c660c24c02c

HTTP Headers

GET /assets/images/favicon.ico HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6ImV3aDlLNStYMnY0a3pjZUtFUzQ0RHc9PSIsInZhbHVlIjoic3l0blZ6dGRBajNVVjhLdDFCeTN5bU9NdWhZc0JwKzBBbGpaUzVLOE5VNzNMR0d2dStaVCtxbWFlVnprRzcrSCIsIm1hYyI6IjQ2YmM1NTQwZWE2OTZiOGFkOGYzNDI2YWI5MWVhNDgyMWJlOWIwMzU1OTAwMWFiYTc2MTFjM2UxMjkyODlkOGYifQ%3D%3D; swappauto_session=eyJpdiI6IkVRLzZYUXdtVkNoVHIyUll3NEZQWlE9PSIsInZhbHVlIjoiaHJZU0wyc2EvdHRlQlZoM1hjQ3hmWFRqWTF4eEhKL0tyb205VTZzZzJKcWt5OC9ROEJieHBaVjdmdy8vL2VMTCIsIm1hYyI6ImI2MTg5MTE5NDEzYmM5ZGFiY2YyMWUwODVkMTVhMzlmMDdjOWRiODQ1NWUyZTI1NjMyM2EwMzViYzYzYjcwYWYifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 02:45:46 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "25be-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 9662
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.223.168.227

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.223.168.227:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nOP0AMEEq8mLwM3jbuek6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: StKKE1enPgYdWsorKJn9UQJHpw8=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7833
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:45:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7833
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:45:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7833
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:45:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7833
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:45:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6829 bytes)
Hash
62ece01d7e0036711832df5a25175b3b
c80d9ce02eeaa7b0166a696e811d2cffde4997d0
8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5cPZZOqAPyLdASSDpGDdne0bUt_SswKXMjufitPEjmp6tG5XtYz5Ag==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:05:59 GMT
age: 16789
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9163 bytes)
Hash
deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 17790
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6390 bytes)
Hash
14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 4796
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7701 bytes)
Hash
9ff2dbdbf6d450f0d9774777b3c5aa6e
2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KT47E-2_0O70MgMbGzSjvVaFrWwQybXKo_dkWMw2vnqBElOZtT_Big==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
age: 5993
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6487 bytes)
Hash
e88b78ede0e4583585d6bb805fb39470
edff303440c5972381295b4b2602bd3f77f6702a
ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6487
x-amzn-requestid: cd11b94b-24be-4e6d-bce3-a480b2c1cc23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDWDQEYAIAMFetw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633136e1-5fcb76b5408fdfa20ec55dd8;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 05:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GcEH02ZlJM-8wUvNf7K7rK7f1cs6_m4i9UYUNxXUGzcDTEz74JH3cA==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:28 GMT
age: 17180
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7128 bytes)
Hash
4197a8a505b360b0c43142faf8cb7f48
4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dVs6mb-XGvvd4DXu8yFwO11iheR3QU3O3jFpxjcHZnWCc6jlXpx0Rg==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:54 GMT
age: 17634
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Nunito+Sans:300,400,600,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 02:45:46 GMT
date: Tue, 27 Sep 2022 02:45:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (46)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1