Report - hkuhman.cf/serviziooclienti

Report Overview

Submitted URL
hkuhman.cf/serviziooclienti
IP
162.240.221.204
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-09-23 10:05:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.69.181.45
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	660 B	5.6 kB	172.64.155.188
youweb.bancobpm.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	771 B	14 kB	62.97.1.160
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
hkuhman.cf	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	1.3 MB	162.240.221.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	hkuhman.cf/serviziooclienti	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/jquery-migrate-1.4.1.min.js.download	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/jquery.ui.touch-punch.min.js.download	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.min.js.download	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/jquery-1.11.3.min.js.download	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/jquery-ui.min.js.download	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/img/bg_public.jpg?a=1	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-light-webfont.woff2	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-medium-webfont.woff2	Phishing
2022-09-23	medium	hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-semibold-webfont.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	hkuhman.cf/serviziooclienti/YouWeb_files/jquery-migrate-1.4.1.min.js.download	10 kB	2023-03-07	2024-04-26
Pretty URL hkuhman.cf/serviziooclienti/YouWeb_files/jquery-migrate-1.4.1.min.js.download IP 162.240.221.204 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-26 06:13:56 Times Seen37230 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.min.js.download	36 kB	2023-03-07	2024-04-26
Pretty URL hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.min.js.download IP 162.240.221.204 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 02:00:00 Times Seen7795 Hash 8c237312864d2e4c4f03544cd4f9b195 253711c6d825de55a8360552573be950da180614 d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8 Loading...

	hkuhman.cf/serviziooclienti/YouWeb_files/jquery-1.11.3.min.js.download	96 kB	2023-03-07	2024-04-26
Pretty URL hkuhman.cf/serviziooclienti/YouWeb_files/jquery-1.11.3.min.js.download IP 162.240.221.204 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-26 04:11:36 Times Seen10415 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	hkuhman.cf/serviziooclienti/YouWeb_files/jquery-ui.min.js.download	238 kB	2023-03-07	2024-02-21
Pretty URL hkuhman.cf/serviziooclienti/YouWeb_files/jquery-ui.min.js.download IP 162.240.221.204 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:47 Last Seen2024-02-21 04:19:52 Times Seen177 Hash 626b7b0ed4fd9c1944a7bc76417f3215 b9831f123674502401a189241098ac205f03469a 4f75b532725adcef5efb538117483dd56fea307b313c9426841152735c76e755 Loading...

	hkuhman.cf/serviziooclienti/YouWeb_files/jquery.ui.touch-punch.min.js.download	1.3 kB	2023-03-07	2024-04-26
Pretty URL hkuhman.cf/serviziooclienti/YouWeb_files/jquery.ui.touch-punch.min.js.download IP 162.240.221.204 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-26 00:25:19 Times Seen3438 Hash 700b877cd3ade98ce6cd4be349d81a5c c1c36e6927436231eb20474356b29667c4c648aa 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd Loading...

	hkuhman.cf/serviziooclienti/	62 B	2023-03-07	2023-08-25
Pretty URL hkuhman.cf/serviziooclienti/ IP 162.240.221.204 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:47 Last Seen2023-08-25 11:29:13 Times Seen3 Hash f477227213c93967d989c77ff03823c6 db1d0a983fff7b819b3f1bc8b723816aebf829e9 07863d8b5d98d6783c75e8515647b7a8035556c8930abe197f6da117c18fc887 Loading...

	hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F	83 B	2023-03-07	2023-03-07
Pretty URL hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F IP 162.240.221.204 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:08:13 Last Seen2023-03-07 23:46:47 Times Seen1 Hash 8adab044c19d3c593b18e69fa73a4789 28eb875b3da90b2524775a3cf4eb14c38f50ef63 3ace7e4da138dfb1c31658085b9f8d765aa0167102285388eda5e750c3060532 Loading...

HTTP Transactions (62)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 09:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CTK5J0tBcR99y4K3e4zNqwJXnKs7-otVlSBPGwkHx2jLnFtvJsYuOg==
Age: 3070

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18543
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 10:05:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _1jzxtFaY7FMB1jUV6lapDTMos6vqvJxZXFsgaDdFUZCemT60UpQLg==
age: 19803
X-Firefox-Spdy: h2

hkuhman.cf/serviziooclienti

162.240.221.204

301 Moved Permanently

243 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
243 B (243 bytes)
Hash
7a7229f9a687e6c40cbb6e7f4c6d442d
b1e8f517918ee114f06589ebc8231831f88f7910
b3d6e4edb232731cb58321fe100f40c74456022901b0dc180af27ed842471fed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 10:05:16 GMT
Server: Apache
Location: http://hkuhman.cf/serviziooclienti/
Content-Length: 243
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:05:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

hkuhman.cf/serviziooclienti/

162.240.221.204

200 OK

17 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1235), with CRLF line terminators
Size
17 kB (16816 bytes)
Hash
6d45334e1d495250a6827926011b3527
bfdddb1e726d19cab08d5f4a006f6c4c9c3a14c5
a1d2846669a9d7790ee95bce583fab63f10249a1a68f1da54f7940e61d269d64

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/ HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=166392751793; expires=Mon, 20-Sep-2032 10:05:17 GMT; Max-Age=315360000
COOKIE_KEY=166392751799; expires=Mon, 20-Sep-2032 10:05:17 GMT; Max-Age=315360000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 10:03:22 GMT
Expires: Fri, 23 Sep 2022 10:23:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vCrPv4maZAsu6HTtOHtZtLWNPXVncuJDv-7R4oMVZyes35xx9Ui8Vg==
Age: 115

hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F

162.240.221.204

200 OK

117 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
117 B (117 bytes)
Hash
838e617fb078aac0059987b0b27b05c5
5b7780005f344cda74c876fb39f92ec322829106
b2a8ee3813d76bcd868fcbbc5a6b85c0bf49c623cf64b99923c71293ddcaa8dd

HTTP Headers

GET /serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2848
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 10:05:17 GMT
Last-Modified: Fri, 23 Sep 2022 09:17:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-struttura.css

162.240.221.204

200 OK

24 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-struttura.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
24 kB (24536 bytes)
Hash
145dc24cd1e056e227e98bc5cfa7e393
82069aa03cdc2ca201eaf68211659779da57a8bb
a5a96fe34232e9a423688994c3d8899d2f5ae361eb1104a4d135e3ca7d27833f

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-struttura.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:10:40 GMT
Accept-Ranges: bytes
Content-Length: 24536
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-sm-desktop.css

162.240.221.204

200 OK

9.3 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-sm-desktop.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1455), with CRLF line terminators
Size
9.3 kB (9305 bytes)
Hash
763fb08657167e8836f9e4b4fd36e15e
f7bc3a669702c4a53b05457aef62f1653f33863d
8b6e93132724e12ec714f88a7d850451df7d555830ff4fbc2d632d0e7bc81fb4

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-sm-desktop.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:10:32 GMT
Accept-Ranges: bytes
Content-Length: 9305
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/jquery-migrate-1.4.1.min.js.download

162.240.221.204

200 OK

10 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/jquery-migrate-1.4.1.min.js.download
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/jquery-migrate-1.4.1.min.js.download HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

hkuhman.cf/serviziooclienti/YouWeb_files/jquery.ui.touch-punch.min.js.download

162.240.221.204

200 OK

1.3 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/jquery.ui.touch-punch.min.js.download
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (1090)
Size
1.3 kB (1291 bytes)
Hash
700b877cd3ade98ce6cd4be349d81a5c
c1c36e6927436231eb20474356b29667c4c648aa
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/jquery.ui.touch-punch.min.js.download HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 1291
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

hkuhman.cf/serviziooclienti/YouWeb_files/all.css

162.240.221.204

200 OK

62 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/all.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
62 B (62 bytes)
Hash
383cb0b210620aca1052d289625fde91
ea6d8680768cd2f8b8df9884a9081f14d1fbbb33
b63a5b26a268f8e753d0ba75bb087d79698d7177f8ccc0ba2ac914a329bfe625

HTTP Headers

GET /serviziooclienti/YouWeb_files/all.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:05:40 GMT
Accept-Ranges: bytes
Content-Length: 62
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.min.js.download

162.240.221.204

200 OK

36 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.min.js.download
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32025)
Size
36 kB (35951 bytes)
Hash
8c237312864d2e4c4f03544cd4f9b195
253711c6d825de55a8360552573be950da180614
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/bootstrap.min.js.download HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 35951
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.height.plugin.css

162.240.221.204

200 OK

2.9 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.height.plugin.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
2.9 kB (2937 bytes)
Hash
13844bef4cfa152aae70a6e6a10c5bcd
d8bd79976f5841713e44a26e140ee1ec6dcbebf3
d74045740566a00d1da11ecc5153fc214e4452ad090fb3091e315c6759cb86b5

HTTP Headers

GET /serviziooclienti/YouWeb_files/bootstrap.height.plugin.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 2937
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

push.services.mozilla.com/

54.69.181.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.181.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vp+YHat3bzTGEJV+OyeOCA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Gugs4RmrXI82VJ5NsjNebnIo4EA=

hkuhman.cf/serviziooclienti/YouWeb_files/ie10-viewport.css

162.240.221.204

200 OK

518 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/ie10-viewport.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
518 B (518 bytes)
Hash
73e0056578ff3a5cf2e0359f62ae23f3
cf5d9b09f4be98611a460804aaa3a7abd9eaf6f2
40d3bc447175dafb479f5f2204ed79b27e852a949320f55522287d8428849415

HTTP Headers

GET /serviziooclienti/YouWeb_files/ie10-viewport.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 518
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/jquery-1.11.3.min.js.download

162.240.221.204

200 OK

96 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/jquery-1.11.3.min.js.download
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32038)
Size
96 kB (95957 bytes)
Hash
895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/jquery-1.11.3.min.js.download HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 95957
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-xs-mobile-struttura.css

162.240.221.204

200 OK

20 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-xs-mobile-struttura.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
20 kB (19725 bytes)
Hash
749b1a78599686d5548944db5cb20e90
429c83c692b3c147819b3d1fa4ae2547ee4ee7f5
73283ea98fa2cf11c77903f207385aea60302277c3de61444e27d80ea634f696

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-xs-mobile-struttura.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-struttura.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:10:54 GMT
Accept-Ranges: bytes
Content-Length: 19725
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-icone.css

162.240.221.204

200 OK

16 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-icone.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
16 kB (16292 bytes)
Hash
f05754dee5838083a3374019ea576118
4fe9b658199917038afac55cc33f1a489668f784
8b042878b9323acf8c7b92953e2e2c293b1be3479a430cf7e3ef3a7c188c9160

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-icone.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-struttura.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:10:00 GMT
Accept-Ranges: bytes
Content-Length: 16292
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-sm-desktop-struttura.css

162.240.221.204

200 OK

20 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-sm-desktop-struttura.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
20 kB (20200 bytes)
Hash
6ab34ad7a6a0e7a42edf20d83b796188
41f72157e48ec89782ed2087bbc99423db3301b5
8f234e83d14ea5ba763159a72eac361f5ccc61f404bf49d10b5c5c2e113651cb

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-sm-desktop-struttura.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-struttura.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:10:24 GMT
Accept-Ranges: bytes
Content-Length: 20200
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.css

162.240.221.204

200 OK

68 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/bootstrap.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (540), with CRLF line terminators
Size
68 kB (67909 bytes)
Hash
00154195553284cfb57b38adbc313ee1
2be1eac9b0149f8a35c11b30c3fffd2d2a4b1c5a
ce4827e596ff84952373cad1fbfae8ec6b43e81dc29e165afdbbef3fd9de0d96

HTTP Headers

GET /serviziooclienti/YouWeb_files/bootstrap.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/all.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:06:00 GMT
Accept-Ranges: bytes
Content-Length: 67909
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/print.css

162.240.221.204

200 OK

14 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/print.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (540)
Size
14 kB (14340 bytes)
Hash
d613ebb58f2c9f81ade83f21fd4ba4b8
6615ecc094a9ce36102659537b43d4139a63a0e7
5e3057f7e3cd590f4407505bf95c0055f5cb32953b776711086bd846e5de4a07

HTTP Headers

GET /serviziooclienti/YouWeb_files/print.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/all.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 14340
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/jquery-ui.min.js.download

162.240.221.204

200 OK

238 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/jquery-ui.min.js.download
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32775)
Size
238 kB (238314 bytes)
Hash
626b7b0ed4fd9c1944a7bc76417f3215
b9831f123674502401a189241098ac205f03469a
4f75b532725adcef5efb538117483dd56fea307b313c9426841152735c76e755

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/jquery-ui.min.js.download HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 238314
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css

162.240.221.204

200 OK

326 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
326 kB (325630 bytes)
Hash
fd76d080fe3f668c0007e0ac03983286
057f3074be015afd526dc8f103f87280951cb189
e8901fde1422eda631b8ecaa4f5b481fc9295e2a2e39305d6f41da50f7d69a30

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-main.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:17 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:10:14 GMT
Accept-Ranges: bytes
Content-Length: 325630
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/ico_appNew.png

162.240.221.204

200 OK

9.9 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/ico_appNew.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 162 x 162, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9934 bytes)
Hash
44a51b4afb9e2184544ad2aed1de48bd
500e90fc4accba1da500620704f27b026a5188d2
afa8871f38407eba82d7af2153460991a50b6a5c5465ccced03f7ffd8b3c5a0e

HTTP Headers

GET /serviziooclienti/YouWeb_files/ico_appNew.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 9934
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

hkuhman.cf/serviziooclienti/YouWeb_files/ico_covid19.png

162.240.221.204

200 OK

7.1 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/ico_covid19.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 162 x 162, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7057 bytes)
Hash
8afacbf8c623891f0b6823e3f2580b49
3837dae5fd01dff16eb513ef1bff23418d1d0e44
a91e39a437fef19db73bfca15e4642aa504fd692dbc63f90b769d335762ae82f

HTTP Headers

GET /serviziooclienti/YouWeb_files/ico_covid19.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 7057
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

hkuhman.cf/serviziooclienti/YouWeb_files/ico_android.png

162.240.221.204

200 OK

1.3 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/ico_android.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 24 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1272 bytes)
Hash
a721f068df57923a7b5a3458d59aa792
690bf3b4c674b4fd4d58e4282a164b7500aab9ed
13e087f2c275c8392174523707cb16e38c6e4d7c3b1990317be161e59bd09359

HTTP Headers

GET /serviziooclienti/YouWeb_files/ico_android.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 1272
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

hkuhman.cf/serviziooclienti/YouWeb_files/ico_apple.png

162.240.221.204

200 OK

1.4 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/ico_apple.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1362 bytes)
Hash
9b2b8921e663d27a1d74fef44d258850
dd5f361aa21af4cab3fc946047f253a2958194fe
f048f986415c8132286e80e921d377694a6896971174635bbfb6ffc65a140ef8

HTTP Headers

GET /serviziooclienti/YouWeb_files/ico_apple.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:02:56 GMT
Accept-Ranges: bytes
Content-Length: 1362
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-xxs-mobile.css

162.240.221.204

200 OK

757 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-xxs-mobile.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
757 B (757 bytes)
Hash
be016df386041c7f8d82f6406b38fc42
87ef30937a98ada92cb5400459f87d70fa91ee1d
3bb54cd702fc7c6f265126bfda02357aaf0f6ef0f4b9143517e270c27c9eb999

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-xxs-mobile.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:07:12 GMT
Accept-Ranges: bytes
Content-Length: 757
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-xs-mobile.css

162.240.221.204

200 OK

80 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-xs-mobile.css
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
80 kB (80336 bytes)
Hash
d6b086b932f9389b1c58365abe5de8b4
7d63d45e45fe7bceeab7df572b9e3c73a3b173f4
4ae9cdebc2205a860c888733fbef6b5bcc4faee2285df77d59f9cf41f45b3f0f

HTTP Headers

GET /serviziooclienti/YouWeb_files/youWeb-xs-mobile.css HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:18 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:11:02 GMT
Accept-Ranges: bytes
Content-Length: 80336
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

hkuhman.cf/serviziooclienti/YouWeb_files/img/bg_public.jpg?a=1

162.240.221.204

200 OK

226 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/img/bg_public.jpg?a=1
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x1080, components 3\012- data
Size
226 kB (225680 bytes)
Hash
5fb8ac90d9b4c780855de93a5eab4508
d93fe69f273435be76871b34f74bd89f6047f331
b5cd6bacc70b8d89c604d517fdefc92765be32a4a394adceb083497fb65812b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/img/bg_public.jpg?a=1 HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:11:38 GMT
Accept-Ranges: bytes
Content-Length: 225680
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

hkuhman.cf/serviziooclienti/YouWeb_files/img/logo_bancobpm@2x.png

162.240.221.204

200 OK

11 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/img/logo_bancobpm@2x.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 226 x 58, 8-bit/color RGBA, interlaced\012- data
Size
11 kB (10570 bytes)
Hash
0be45396a6210ddaf1cd909d34e70433
2d8536de7d426fd969aa1023dbdf6b5361963366
cc8f234f2ae5221f5e33df49bef454ae03fbb80c9db4aaf8e53bd85fad4c575e

HTTP Headers

GET /serviziooclienti/YouWeb_files/img/logo_bancobpm@2x.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-sm-desktop-struttura.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:12:04 GMT
Accept-Ranges: bytes
Content-Length: 10570
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-light-webfont.woff2

162.240.221.204

200 OK

18 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-light-webfont.woff2
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 18008, version 6.65\012- data
Size
18 kB (18008 bytes)
Hash
939505071c09c875140d751058736480
14de3c5867f86ca3b3947be519924444d8854548
2e04fd03380f37826cd7910fd6572db153539af8df6af646a953d84879ecc3f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/font/montserrat-light-webfont.woff2 HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:12:48 GMT
Accept-Ranges: bytes
Content-Length: 18008
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2

hkuhman.cf/serviziooclienti/YouWeb_files/img/help@2x.png

162.240.221.204

200 OK

1.3 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/img/help@2x.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1320 bytes)
Hash
0ecf3efa996ec271845055fcdbe1659c
662e3af4241ab99853ace510684d00215a8ee5ca
5cb7b602b1c5b5389733b81d6fb771cc0bc8da318f0f1cf6d689781c394f05a2

HTTP Headers

GET /serviziooclienti/YouWeb_files/img/help@2x.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:12:18 GMT
Accept-Ranges: bytes
Content-Length: 1320
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

hkuhman.cf/HT/fe/img/ico_freccia.png

162.240.221.204

404 Not Found

315 B

URL HTTP/1.1
hkuhman.cf/HT/fe/img/ico_freccia.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /HT/fe/img/ico_freccia.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/

HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 10:05:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 10:05:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 10:05:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 10:05:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 10:05:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9481 bytes)
Hash
1eab8da8cc1495a0221efadddd1a0bcc
4156c37b612d5fb99c6b061187a3cb0b314ae4a8
2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
age: 42777
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10127 bytes)
Hash
b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 43614
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6uqNnpll2kgC_0_t5e9yp0AgFAvprQq_GF_jgwj2sX2TE9S1l023Aw==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:58:47 GMT
age: 21992
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 43579
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13000 bytes)
Hash
634db5bfe2b27e608c3f3518b0c44ebb
06f5f63e681d711bd68626805c5dd2b902ebf9cf
935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13000
x-amzn-requestid: 7b2f1a90-cedc-403b-bdb0-f763b5bef824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2VOWGHXIAMFzXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c025b-74a08e472ef8b1227c0447e3;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l_CJpV9GPUzzbt8msOu-qQdwK9-vP5S-nHsgRPpwbue0Mf6FiBrEQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
content-type: image/jpeg
age: 52158
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-medium-webfont.woff2

162.240.221.204

200 OK

19 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-medium-webfont.woff2
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 18724, version 6.65\012- data
Size
19 kB (18724 bytes)
Hash
2fbe062b94bcb38d1481f3463ed28a9f
1aae192940695c95ef5a32f04898c22b690ae860
25c121f7614482fbd31ae2a13e5b70e1f627ee69219bee2804f5c17a418468c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/font/montserrat-medium-webfont.woff2 HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:12:50 GMT
Accept-Ranges: bytes
Content-Length: 18724
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2

hkuhman.cf/serviziooclienti/YouWeb_files/img/logo_youweb.png

162.240.221.204

200 OK

21 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/img/logo_youweb.png
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 71 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20570 bytes)
Hash
b36e9d9565b5da6edf02cb0e7e23ba34
213d0d70a48f3a9f0b0396fe47d34d8d985bb5ed
d644f56d0839826ee78df2b9c14378a9c15079a09e5d8096277c2e697360d988

HTTP Headers

GET /serviziooclienti/YouWeb_files/img/logo_youweb.png HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-sm-desktop-struttura.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:12:06 GMT
Accept-Ranges: bytes
Content-Length: 20570
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-semibold-webfont.woff2

162.240.221.204

200 OK

19 kB

URL HTTP/1.1
hkuhman.cf/serviziooclienti/YouWeb_files/font/montserrat-semibold-webfont.woff2
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 18568, version 6.65\012- data
Size
19 kB (18568 bytes)
Hash
6510d608e17108c4f1ed668206e9a9cf
2b4907b8d7c39869175689d456797f1afd3a5407
10939eb8b3023ed0487b925e7318ba570b75046d4e0586d3da9d9238ee19c1d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /serviziooclienti/YouWeb_files/font/montserrat-semibold-webfont.woff2 HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/YouWeb_files/youWeb-main.css
Cookie: COOKIE_KEY=166392751799

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Sat, 06 Mar 2021 00:12:52 GMT
Accept-Ranges: bytes
Content-Length: 18568
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5340 bytes)
Hash
3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: B-2H9aRpPMwmEe7JKYvMVUH46_1e2wB-AEQsVtAzzeoD7zXX1SJlzA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 09:30:27 GMT
age: 2092
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.usertrust.com/

172.64.155.188

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
2c4f80099702bca09e880eb8b215916a
3f02d51cb154d7c8e5b8bdd064d8a0e14214be46
45dc6d75badbef75d483e2d6048c6f5aa165b05f1b0c519725a38b9f58a9b3ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:12:16 GMT
Expires: Wed, 28 Sep 2022 10:12:15 GMT
Etag: "3f02d51cb154d7c8e5b8bdd064d8a0e14214be46"
Cache-Control: max-age=603858,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1540
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f27616ac800b41-OSL

ocsp.usertrust.com/

172.64.155.188

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
2c4f80099702bca09e880eb8b215916a
3f02d51cb154d7c8e5b8bdd064d8a0e14214be46
45dc6d75badbef75d483e2d6048c6f5aa165b05f1b0c519725a38b9f58a9b3ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:12:16 GMT
Expires: Wed, 28 Sep 2022 10:12:15 GMT
Etag: "3f02d51cb154d7c8e5b8bdd064d8a0e14214be46"
Cache-Control: max-age=603858,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1540
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f27616ac74b505-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a4d1dd69ad27bffd3637e850bc5ab5f8
96078c40e0b89642cff8c514cabe315de9e5a70c
e172d3b909b8831de36254fefa78472c4d2bfb31c3e0fdb2e998ffea63df4d4e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 00:29:13 GMT
Expires: Fri, 30 Sep 2022 00:29:12 GMT
Etag: "96078c40e0b89642cff8c514cabe315de9e5a70c"
Cache-Control: max-age=569632,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f27616cdb2b52d-OSL

youweb.bancobpm.it/HT/IMAGES/favicon.ico

62.97.1.160

200 OK

716 B

URL HTTP/1.1
youweb.bancobpm.it/HT/IMAGES/favicon.ico
IP
62.97.1.160:0
ASN
#15529 Banco BPM S.P.A

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Size
716 B (716 bytes)
Hash
3276ed0db63674bb0c12fd43cacacd87
be9d38012b18f907ffd75f38b79b90cf58d7294d
d07e390044a01004e7cd91e26d89d14d88444075a7189a0a6a8f98e76c42c328

HTTP Headers

GET /HT/IMAGES/favicon.ico HTTP/1.1
Host: youweb.bancobpm.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkuhman.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:19 GMT
Server: Apache
Last-Modified: Thu, 27 Jul 2017 06:56:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Content-Length: 716
Content-Type: image/vnd.microsoft.icon
Keep-Alive: timeout=120, max=5000
Connection: Keep-Alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a4d1dd69ad27bffd3637e850bc5ab5f8
96078c40e0b89642cff8c514cabe315de9e5a70c
e172d3b909b8831de36254fefa78472c4d2bfb31c3e0fdb2e998ffea63df4d4e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 00:29:13 GMT
Expires: Fri, 30 Sep 2022 00:29:12 GMT
Etag: "96078c40e0b89642cff8c514cabe315de9e5a70c"
Cache-Control: max-age=569631,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f27616bdadb527-OSL

youweb.bancobpm.it/HT/IMAGES/favicon/touch-icon-192.png

62.97.1.160

200 OK

13 kB

URL HTTP/1.1
youweb.bancobpm.it/HT/IMAGES/favicon/touch-icon-192.png
IP
62.97.1.160:0
ASN
#15529 Banco BPM S.P.A

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12550 bytes)
Hash
ac219fe7755601aa5cc454af0def15f2
d0c61ab255db5aff049aaea1f72e26b2ffd5836f
b6460eea40335689ce193045388cc6adbca1ba5c42af16ddcd8b2bd98ee0f33d

HTTP Headers

GET /HT/IMAGES/favicon/touch-icon-192.png HTTP/1.1
Host: youweb.bancobpm.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkuhman.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:20 GMT
Server: Apache
Last-Modified: Thu, 27 Jul 2017 06:56:20 GMT
Accept-Ranges: bytes
Content-Length: 12550
Cache-Control: max-age=86400
Expires: Sat, 24 Sep 2022 10:05:20 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Content-Type: image/png
Keep-Alive: timeout=120, max=5000
Connection: Keep-Alive

hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F

162.240.221.204

200 OK

117 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
117 B (117 bytes)
Hash
838e617fb078aac0059987b0b27b05c5
5b7780005f344cda74c876fb39f92ec322829106
b2a8ee3813d76bcd868fcbbc5a6b85c0bf49c623cf64b99923c71293ddcaa8dd

HTTP Headers

GET /serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
Cookie: COOKIE_KEY=166392751799
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:20 GMT
Server: Apache
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F

162.240.221.204

200 OK

117 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
117 B (117 bytes)
Hash
838e617fb078aac0059987b0b27b05c5
5b7780005f344cda74c876fb39f92ec322829106
b2a8ee3813d76bcd868fcbbc5a6b85c0bf49c623cf64b99923c71293ddcaa8dd

HTTP Headers

GET /serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
Cookie: COOKIE_KEY=166392751799
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:21 GMT
Server: Apache
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F

162.240.221.204

200 OK

117 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
117 B (117 bytes)
Hash
838e617fb078aac0059987b0b27b05c5
5b7780005f344cda74c876fb39f92ec322829106
b2a8ee3813d76bcd868fcbbc5a6b85c0bf49c623cf64b99923c71293ddcaa8dd

HTTP Headers

GET /serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
Cookie: COOKIE_KEY=166392751799
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:22 GMT
Server: Apache
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F

162.240.221.204

200 OK

117 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
117 B (117 bytes)
Hash
838e617fb078aac0059987b0b27b05c5
5b7780005f344cda74c876fb39f92ec322829106
b2a8ee3813d76bcd868fcbbc5a6b85c0bf49c623cf64b99923c71293ddcaa8dd

HTTP Headers

GET /serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
Cookie: COOKIE_KEY=166392751799
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:23 GMT
Server: Apache
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F

162.240.221.204

200 OK

117 B

URL HTTP/1.1
hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
IP
162.240.221.204:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
117 B (117 bytes)
Hash
838e617fb078aac0059987b0b27b05c5
5b7780005f344cda74c876fb39f92ec322829106
b2a8ee3813d76bcd868fcbbc5a6b85c0bf49c623cf64b99923c71293ddcaa8dd

HTTP Headers

GET /serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F HTTP/1.1
Host: hkuhman.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hkuhman.cf/serviziooclienti/pannello2/live.php?id=163465320463&pagina=http%3A%2F%2F127.0.0.1%2Fpagine%2Fbpm%2Fbpm%2F
Cookie: COOKIE_KEY=166392751799
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:05:24 GMT
Server: Apache
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (62)

URL HTTP/1.1

IP

ASN

File type

Size