Report - fiumicinobus.com/

Report Overview

Submitted URL
fiumicinobus.com/
IP
185.136.89.218
ASN
#12338 Euskaltel S.A.
Submitted
2022-12-01 07:36:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fiumicinobus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	42 kB	864 kB	185.136.89.218
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	3.1 kB	151.101.129.229
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	1.7 kB	143.204.55.118
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	9.0 kB	104.17.25.14
stats.busbeauvaisparis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	721 kB	185.136.89.218
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	40 kB	34.120.237.76
www.fiumicinobus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.4 kB	185.136.89.218
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	2.0 kB	151.101.66.133
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	138 kB	216.58.207.227
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	142.250.74.110
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	770 B	115 kB	142.250.74.40
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.52.254
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	5.1 kB	142.250.74.74
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	72 kB	143.204.55.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	fiumicinobus.com/	Phishing
2022-12-01	medium	fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js	Phishing
2022-12-01	medium	fiumicinobus.com/js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js	Phishing
2022-12-01	medium	fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js	Phishing
2022-12-01	medium	fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js	Phishing
2022-12-01	medium	www.fiumicinobus.com/img/es.svg	Phishing
2022-12-01	medium	www.fiumicinobus.com/img/gb.svg	Phishing
2022-12-01	medium	fiumicinobus.com/	Phishing
2022-12-01	medium	www.fiumicinobus.com/img/it.svg	Phishing
2022-12-01	medium	fiumicinobus.com/images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99	Phishing
2022-12-01	medium	fiumicinobus.com/img/gb.svg	Phishing
2022-12-01	medium	fiumicinobus.com/img/it.svg	Phishing
2022-12-01	medium	fiumicinobus.com/img/fr.svg	Phishing
2022-12-01	medium	fiumicinobus.com/img/pl.svg	Phishing
2022-12-01	medium	fiumicinobus.com/img/pt.svg	Phishing
2022-12-01	medium	fiumicinobus.com/img/es.svg	Phishing
2022-12-01	medium	fiumicinobus.com/js/app.js	Phishing
2022-12-01	medium	fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js	Phishing
2022-12-01	medium	fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js	93 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:49 Times Seen5 Hash c7ab1e6c9ec683deb3840ef2f28f8914 74d672c4e7be8781052326b6a9ad1b40a4ec83b2 101e1d598bbf91a40d50cf3383b711ecda626f99b29fdf1daa6ec059f3007faf Loading...

	fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js	1.9 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash ea43c773ee7922fd3da57e690a4998e3 91319db81ca37aca63ec18e67fcc011ad05fb910 2c785c879f58f73e33f6074e0347498bceda7b37a8c4a403fee16581d80a8861 Loading...

	cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1	7.3 kB	2023-03-08	2023-03-12
Pretty URL cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1 IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:52 Last Seen2023-03-12 09:43:53 Times Seen1 Hash f1ec2db37e85d68b0dcb5d99548839da b123b4578bacf4869ee10c2b77629628a6b67fc9 4f20141879a5447bbfb6d7ec992df28f25a6c097a916ae323f743dd2ec13be1a Loading...

	www.googletagmanager.com/gtag/js?id=UA-101106124-2	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-101106124-2 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:25:41 Last Seen2023-03-11 23:25:41 Times Seen1 Hash 82260df8f54078d1e25bac74d70d3337 620d6edef03dcd955d2288fb2a9adb6c75238fe0 223369e81f0c0872f5ba153d025ee6063a6bd5f6387e7322af0e15127e571edd Loading...

	fiumicinobus.com/	508 B	2023-03-07	2024-02-05
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:05 Last Seen2024-02-05 02:51:25 Times Seen64 Hash f58f8ead870e1a303d3a3ae2c2adb570 601822321d2fbd90cb5ec226314b304f4a7c277c 2c7107cf42744be76aa5600891f379acf807c904699475f5f22009153df70d83 Loading...

	fiumicinobus.com/js/app.js	681 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/app.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen4 Hash 0421c0e8b9ff4ec4157fb1472f3acbc9 a0393310c413262f15e20b09916174c5b2245a88 4f34c29683effc96425620dbdf086567bba112d8caf06c6f69f5b379bcf6efd7 Loading...

	fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js	23 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen4 Hash 40fc1f362dbf62b11077d7b6d3950d5c 06620f03e8914d77a57f639ca34a501313a8dd58 7e4fd290b72302e21eea1024b99b79115d8a222defa6696a63c34554d9476d0d Loading...

	fiumicinobus.com/js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js	2.0 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 1af310a6a0f1c3ab3eb6f4bb1778a6f3 72b321768bff3d8120aa88657486074e16695102 605a8c874f09460718e30c7c0efbf1bfd2352fd232087a8908104ab0965d0957 Loading...

	static.hotjar.com/c/hotjar-1721441.js?sv=6	6.7 kB	2023-03-11	2023-03-11
Pretty URL static.hotjar.com/c/hotjar-1721441.js?sv=6 IP 143.204.55.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:25:41 Last Seen2023-03-11 23:25:41 Times Seen1 Hash b7428e08a51bb9ef0723a5ceda634049 85e2bdb983ef99fb1b4c9993369be31888f62a25 f69b7ba1c55d509e3fabaabec125bff9da6bfbfe0a7ae4d7e2bdbddd71db359f Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js	15 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:05 Last Seen2024-04-26 06:58:40 Times Seen494 Hash c27796136c1e46aa9b34e4176ed84faa 7f239033b0794ff1f13bbe80a91f4a5d89e200cb dfdf43351c9f229588cb5655d0a984208b88439b011dd2eef4c06d547acdb6df Loading...

	www.googletagmanager.com/gtag/js?id=AW-879903643	193 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-879903643 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:25:41 Last Seen2023-03-11 23:25:41 Times Seen1 Hash d6f7ac981d79c33f59b5e7fa8982ea91 447285e0ff976d88c152717f950a4886617963f0 fbdb5e86137af328890ecb3c04ee8e234c3f7b327497f0f88baa3567c1c37a32 Loading...

	fiumicinobus.com/	170 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 8d1f8cc9e17ed51a0a3bb3e8b1af77a9 2a73ef3fa84c83746ab22b7f6e68b3cd4eabe084 428723395262591cc6b65bc9ff1e27e93c42c05042eb9ca357a76a0d789e135c Loading...

	fiumicinobus.com/	23 B	2023-03-07	2024-04-23
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:53 Last Seen2024-04-23 11:48:04 Times Seen196 Hash ff3dd897e61e0f42ae57c565f7d86034 be0d83af8b36cda1c21be1b94b39c75cb14cb428 3e0830fd22515bfd90b1394553b6fb0368f9b541b5b917a4c4deb4f0a91a872d Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	fiumicinobus.com/	23 B	2023-03-07	2024-02-05
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:04 Last Seen2024-02-05 02:51:25 Times Seen70 Hash adf403a4228a8407a94b6ac8c0b57b04 feabe0997a64d7e4938da4a07fbb2bfe82f5ca91 34d24afc8783f61e232e360be2ecda77142049d7f41ecd46ee6701fc261c3606 Loading...

	fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js	16 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 8aaed400d613b3ec9d97d203b54b8a41 1886dae59cc55e646322f5b363934384e60f293a 01638c0c04aff15e0e070f76c3f00c890fec08f05b587e0421b8b51ced0a5c8f Loading...

	fiumicinobus.com/	209 B	2023-03-07	2024-01-07
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:53 Times Seen10 Hash e0913882578c06552a476e6f3fc40f09 688ab7f7790cbfe4e53961873c1884af33217961 1a7ff9d877694dd45a8bdf5080c7b3eb70ed61d37c696254a8e4663b67a2840a Loading...

	fiumicinobus.com/	524 B	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 13f3b1fbc8acc88e85a235fc3b9514db 419060a65583a11c2b027761f321c6df554b12bd a621811b24cf51daae5b65c4fbc31250a004bfed3a9f95fa344c34db7b72a44e Loading...

	stats.busbeauvaisparis.com/matomo/matomo.js	66 kB	2023-03-08	2024-04-25
Pretty URL stats.busbeauvaisparis.com/matomo/matomo.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:51:14 Last Seen2024-04-25 15:56:25 Times Seen8073 Hash a3a7245d6daf7d31d2069c0ba05879dd ec1bf464889e71aec1ced6d8361a26c76e4a1460 d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Loading...

	fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js	3.2 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen4 Hash d1f7f784da0eb2755271934cb0c26bb6 c0ac937bc67438c22995394de43a56c0938fbaad e7a184f4c8f12049cefe02ac46b231dbd11c3144bbcd6407a5ab2fa999578dbe Loading...

HTTP Transactions (85)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4064
Expires: Thu, 01 Dec 2022 08:44:11 GMT
Date: Thu, 01 Dec 2022 07:36:27 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5727
Cache-Control: max-age=102619
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:27 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:06:46 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 07:18:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1100
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2544
Expires: Thu, 01 Dec 2022 08:18:51 GMT
Date: Thu, 01 Dec 2022 07:36:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Un1fW43r/M204P7aXn6pc5iKPohAehMWypp0hrHdSvUTS9fKJCvNO6DDXDh8Rzvb8APPiZ39ThI=
x-amz-request-id: XBCDG8VXQ9XF9BCS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 06:45:33 GMT
age: 3054
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

fiumicinobus.com/

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/1.1
fiumicinobus.com/
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 07:36:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://fiumicinobus.com/

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 07:08:56 GMT
cache-control: public,max-age=3600
age: 1652
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
429cbff6ae686ed0f4ccd77108a95108
452df7996ec1a71c15b38b97651d3918182931aa
43d0320194f733b6db16e80a9f8c685cfd6f4966cb95be69d8dd2ec145b93125

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43D0320194F733B6DB16E80A9F8C685CFD6F4966CB95BE69D8DD2EC145B93125"
Last-Modified: Thu, 01 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 13:36:28 GMT
Date: Thu, 01 Dec 2022 07:36:28 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5717
Cache-Control: max-age=97540
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:42:08 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.css

104.17.25.14

200 OK

3.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.8 kB (3792 bytes)
Hash
c7022a9318bb098c948cb1dd13c23207
ddaa1d7a00991fb28fbef5b7abc5071a3aec6360
432ee441344f4679abbe5741b0ba0d662089f1ad539347506e6d8af5b32f9b49

HTTP Headers

GET /ajax/libs/animate.css/3.7.2/animate.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: text/css; charset=utf-8
content-length: 3792
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-13053"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4883191
expires: Tue, 21 Nov 2023 07:36:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfh1Yk%2FBLYXFbjMH9IpgcxwAM%2Fde68O1COitz9gafF0QKsvk4U4xAoiM6HJY3rZfblYA8NpRJuvgHLZHZFJIXMzXyuHrZf4BzNPTGHW2jY1zkj3%2BGg9eTOq4mzEeu9WZDPwXo8Zz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772a26e9fe8c0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js

104.17.25.14

200 OK

3.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.0 kB (2998 bytes)
Hash
e30f0c9c62a48fa192266bf8c5cb1eae
2bec3bc63d8c333bab464d1c110a24cebb58f9d4
218e8dbd3a5d9ba3eacdc9678e633601a97d6222bc494f3d8da6603eec3e9be2

HTTP Headers

GET /ajax/libs/wow/1.1.2/wow.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 2998
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04033-3b8a"
last-modified: Mon, 04 May 2020 16:17:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15323834
expires: Tue, 21 Nov 2023 07:36:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XsDf49F8dVeZuVx8tC%2BxZXhX%2F1cTsmEMpoVP%2FJWlxrHdQnYyACU3tzCs4t6fdyv9Zm%2BMBmgmXBIcHKYQ5Fs8NKjmwg9RW2n46BDVtfsHlju1h7iCpvL2VurTzD1Yvf6QxyJeUYJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772a26ea0e9f0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1

151.101.129.229

200 OK

2.3 kB

URL HTTP/2
cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7273), with no line terminators
Size
2.3 kB (2344 bytes)
Hash
ee29d69be664aabdf4477445160714df
b8d812e44035ddebf86f1404288f833b5c2575b7
ee337ac04ce1ccc14cbb5c78dfc18d850a687c8439efe05b5e3d323ff4a3ee93

HTTP Headers

GET /npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.10.1
x-jsd-version-type: version
etag: W/"1c69-sSO0V4us9Iae4Qwrd2KWKKa2f8k"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Dec 2022 07:36:28 GMT
age: 7729
x-served-by: cache-fra-eddf8230077-FRA, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2344
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-101106124-2

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-101106124-2
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43581 bytes)
Hash
0c6006f581a9349d761e5ccde4feb1cb
38f4d7f6916ec5eaaf81a9fa07fd8d341bdd6a40
11067eeec00d2179a9cc6e9a79cd834f1645243acfbac57002041b2b6dc07dd2

HTTP Headers

GET /gtag/js?id=UA-101106124-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 07:36:28 GMT
expires: Thu, 01 Dec 2022 07:36:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-879903643

142.250.74.40

200 OK

70 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-879903643
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5103)
Size
70 kB (69802 bytes)
Hash
b84346efc3512e1bc30fa03d19613f1c
b69f5af7fc9f6a7f7abab328807651ab67db088d
129d511ca99c1e41e697a9607b59c542c088f5905307323a36501b80926a76f2

HTTP Headers

GET /gtag/js?id=AW-879903643 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 07:36:28 GMT
expires: Thu, 01 Dec 2022 07:36:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

151.101.66.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
e77752634496a268274bb1ec9e8949e1
8d641dd773080f7a0fab44ef82dc1e990472d312
23898b46800729e86236f73eb0ede6c76a7485aaf4d4372e362dec7dbf709182

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "DF1BA7089F6F434E61CECF0FE00F9FAF48A30C43"
Expires: Thu, 01 Dec 2022 19:00:00 UTC
Last-Modified: Thu, 01 Dec 2022 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Thu, 01 Dec 2022 07:36:28 GMT
Via: 1.1 varnish
Age: 363
X-Served-By: cache-bma1665-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1669880189.601826,VS0,VE1

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.162.52.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.52.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6SjBz7lU0zEBi9Sjda9dhA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lhxSjfRHhiYuQhcnw7UBLEh5V3c=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 07:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fiumicinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 43658
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fiumicinobus.com/css/style.css

185.136.89.218

200 OK

13 kB

URL HTTP/2
fiumicinobus.com/css/style.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
Unicode text, UTF-8 text, with very long lines (436)
Size
13 kB (13193 bytes)
Hash
b2418aef3749ded5e89101c1b1ae9bfb
390993766dab5d65b7e1c00207040a95c86ce083
0bb7ebd498878b40dca43bd1ebe757687577499762fddd554f71ba89bfe54ec5

HTTP Headers

GET /css/style.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-11ec6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/img/pattern.png

185.136.89.218

200 OK

12 kB

URL HTTP/2
fiumicinobus.com/img/pattern.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 504 x 504, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12299 bytes)
Hash
f54ed8c132d452fb89669f60ed4af74c
ffa027713ea0e097e9fbf3375ad6cfa2d2f8166a
468242be56e47c2301117a65432b8e4df8f1e8fcda1db3fb9b98ad3ff56c479b

HTTP Headers

GET /img/pattern.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: image/png
content-length: 12299
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-300b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/logo_sticky_2x.png

185.136.89.218

200 OK

66 kB

URL HTTP/2
fiumicinobus.com/img/logo_sticky_2x.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (66448 bytes)
Hash
5fd10725d1d896cfaf8784640c18ed93
e4a2d52104fb5de2cf871858bca95fdc80cf3292
3dd131c71c0010f72515176ae2d3fbad265d0f7a55e3906395d781fbb51327fe

HTTP Headers

GET /img/logo_sticky_2x.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: image/png
content-length: 66448
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-10390"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/logo.png

185.136.89.218

200 OK

66 kB

URL HTTP/2
fiumicinobus.com/img/logo.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (66448 bytes)
Hash
5fd10725d1d896cfaf8784640c18ed93
e4a2d52104fb5de2cf871858bca95fdc80cf3292
3dd131c71c0010f72515176ae2d3fbad265d0f7a55e3906395d781fbb51327fe

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: image/png
content-length: 66448
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-10390"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68f78d69e2c58fa27f640c4d5f3c6274
6a96a764bacfd99ad5271d35151d106fa043109d
0259c6dfbe5240e59ae558bdd764fd00f96f4936898fb5bc00cb90f1de0debbb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0259C6DFBE5240E59AE558BDD764FD00F96F4936898FB5BC00CB90F1DE0DEBBB"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21273
Expires: Thu, 01 Dec 2022 13:31:02 GMT
Date: Thu, 01 Dec 2022 07:36:29 GMT
Connection: keep-alive

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fiumicinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 20:33:17 GMT
expires: Fri, 24 Nov 2023 20:33:17 GMT
cache-control: public, max-age=31536000
age: 558192
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fiumicinobus.com/img/visa.png

185.136.89.218

200 OK

4.4 kB

URL HTTP/2
fiumicinobus.com/img/visa.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 226 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4399 bytes)
Hash
4dc043ece80aef7b007da59aac56460d
0f736cef4bc4e6d3b29a184cee9a8d6f27d4c895
a728125dc850891e7fbb75cbac19d6764eebe7743e78ff9a02b69ca9576a1796

HTTP Headers

GET /img/visa.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: image/png
content-length: 4399
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-112f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins&display=swap

142.250.74.74

200 OK

2.6 kB

URL HTTP/2
fonts.googleapis.com/css?family=Poppins&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
2.6 kB (2649 bytes)
Hash
96071b91a44d8efd947655e15633f1d0
9fb65a31fcd6419a54062d3cb34f7a9cfbdf3e5f
2561ec9c8a76c0c353a0d98429c27ddfd901add9c6d1a0d54aa96cb7d9ae71c9

HTTP Headers

GET /css?family=Poppins&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 07:36:28 GMT
date: Thu, 01 Dec 2022 07:36:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js

185.136.89.218

200 OK

27 kB

URL HTTP/2
fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
Unicode text, UTF-8 text, with very long lines (22812)
Size
27 kB (27241 bytes)
Hash
7e0ff81c7978008ecbea6dda73bd139b
eae6478322aa7d0a69c131dd9541d22c271b8a00
0842a7573c7a492190847bb0043197e372799f9a47140955d151e097c55b4288

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-Pages-Home.7b625053cd640e81b29b.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-5973"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/img/logo_sticky.png

185.136.89.218

200 OK

66 kB

URL HTTP/2
fiumicinobus.com/img/logo_sticky.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (66448 bytes)
Hash
5fd10725d1d896cfaf8784640c18ed93
e4a2d52104fb5de2cf871858bca95fdc80cf3292
3dd131c71c0010f72515176ae2d3fbad265d0f7a55e3906395d781fbb51327fe

HTTP Headers

GET /img/logo_sticky.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: image/png
content-length: 66448
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-10390"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/moldova.jpg

185.136.89.218

200 OK

14 kB

URL HTTP/2
fiumicinobus.com/img/moldova.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
14 kB (13978 bytes)
Hash
7fb0c831db68ae3918e6c7d49ebfe43e
cae18e521af50ebfdec17ac04e33ea3b6e606e68
ddc98bd400bb00fce61348f5dc522e5f3b20c0e1610400d345fe1ac345e6922b

HTTP Headers

GET /img/moldova.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/jpeg
content-length: 13978
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-369a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/volotea.jpg

185.136.89.218

200 OK

10 kB

URL HTTP/2
fiumicinobus.com/img/volotea.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
10 kB (10483 bytes)
Hash
c212d15bf772c4c25d413dee90a3093e
55daf7e92e79c34e15734b64dbf0e852995b7ee3
ff9f2038e9f1161d4119907c7e6b94fdbbe9b17d5017defd23fd11c083a84d31

HTTP Headers

GET /img/volotea.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/jpeg
content-length: 10483
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-28f3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/wizz.jpg

185.136.89.218

200 OK

17 kB

URL HTTP/2
fiumicinobus.com/img/wizz.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
17 kB (16700 bytes)
Hash
647470c8c3a7bd1821c5b5b7a63de688
3a1ff2d2ca31ca83f355d050c4c30f1eea98dcfa
2904400676c65f7da9894e0b9155ac0b4c94d387fcb5e603e8a26bb72d1846ee

HTTP Headers

GET /img/wizz.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/jpeg
content-length: 16700
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-413c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/ryanair.jpg

185.136.89.218

200 OK

14 kB

URL HTTP/2
fiumicinobus.com/img/ryanair.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
14 kB (14385 bytes)
Hash
a6822e276e86fab61c3fee23c0cf7b48
594a1621bb23f51569ab3e25d16b210a15396044
c9ee6982de7160e1b1cec7b43e0dd5b4d161609838d35abe0a3674c02435f2fe

HTTP Headers

GET /img/ryanair.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/jpeg
content-length: 14385
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-3831"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/blue-air.jpg

185.136.89.218

200 OK

11 kB

URL HTTP/2
fiumicinobus.com/img/blue-air.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
11 kB (10669 bytes)
Hash
0e56f0d4b72db0184956c1ccb4b8021f
3d33ccaa38b0b060fa42061de3a5b24237988cf0
4a21461655895ee5d7acaad11ac9c18102984314cd3849cda36c64d5be0548f3

HTTP Headers

GET /img/blue-air.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/jpeg
content-length: 10669
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-29ad"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

stats.busbeauvaisparis.com/matomo/matomo.php?action_name=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&idsite=4&rec=1&r=058253&h=7&m=36&s=28&url=https%3A%2F%2Ffiumicinobus.com%2F&_id=aae3f0a7c200a3a9&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=ZIo3lT&pf_net=425&pf_srv=252&pf_tfr=1&pf_dm1=1007&uadata=%7B%7D

185.136.89.218

204 No Content

0 B

URL HTTP/2
stats.busbeauvaisparis.com/matomo/matomo.php?action_name=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&idsite=4&rec=1&r=058253&h=7&m=36&s=28&url=https%3A%2F%2Ffiumicinobus.com%2F&_id=aae3f0a7c200a3a9&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=ZIo3lT&pf_net=425&pf_srv=252&pf_tfr=1&pf_dm1=1007&uadata=%7B%7D
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo/matomo.php?action_name=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&idsite=4&rec=1&r=058253&h=7&m=36&s=28&url=https%3A%2F%2Ffiumicinobus.com%2F&_id=aae3f0a7c200a3a9&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=ZIo3lT&pf_net=425&pf_srv=252&pf_tfr=1&pf_dm1=1007&uadata=%7B%7D HTTP/1.1
Host: stats.busbeauvaisparis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://fiumicinobus.com
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
access-control-allow-origin: https://fiumicinobus.com
access-control-allow-credentials: true
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Thu, 01 Dec 2022 09:55:28 GMT
Date: Thu, 01 Dec 2022 07:36:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Thu, 01 Dec 2022 09:55:28 GMT
Date: Thu, 01 Dec 2022 07:36:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Thu, 01 Dec 2022 09:55:28 GMT
Date: Thu, 01 Dec 2022 07:36:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Thu, 01 Dec 2022 09:55:28 GMT
Date: Thu, 01 Dec 2022 07:36:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Thu, 01 Dec 2022 09:55:28 GMT
Date: Thu, 01 Dec 2022 07:36:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 9e243a73-18ff-4abf-9b9c-442719960125
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpppFXjoAMFehg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bca3-47620f39181264772d2fb52d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _v5hatZyEWVRB4Tebygbb-QfE02oaFxE8CRfQsUY7I_ektxE3YeIpw==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:08:01 GMT
age: 52108
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js

185.136.89.218

200 OK

14 kB

URL HTTP/2
fiumicinobus.com/js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (1879)
Size
14 kB (13605 bytes)
Hash
3c0dd5e949053d19d2cad06abe00d7e0
3ac3d6a757fa56db18495e40ead71719f2b61265
0898a5f52c44aaea894f95c6339f07f7db772a73e51e6eba8662dc5645d7fefb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-7a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js

185.136.89.218

200 OK

9.7 kB

URL HTTP/2
fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (1805)
Size
9.7 kB (9670 bytes)
Hash
5389905783d2c4f7ea72b65b08e18284
86c4ba0e46557562aefa2df509dbc9c80851174e
b1a947ad10ddd2cffcc908597338a8a528f008b3502e9553b044e48414c370c8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-Divs-Card.427a4fc01b3c083137ca.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-753"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13411 bytes)
Hash
328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 71f8798f-93e9-4649-8822-7ad3fadeec34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz6vH05oAMF_qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd11-1849aa08463e5c1f3d9b15b9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QVGFEOePBybOeNxG6eWBffm8Ha_fmBnT8vMIGcI8zv9C7yiBeSncDw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
age: 35069
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5295 bytes)
Hash
eb4b8985f697c1ff7753d3961fb4f67d
b412d62d44993500b947a38e8e242d0c6d6b7588
571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5295
x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzM0HmuoAMF4Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:17:18 GMT
age: 33551
etag: "b412d62d44993500b947a38e8e242d0c6d6b7588"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8124 bytes)
Hash
42c762f71487f8e0285dd2129700f069
ec0fd74a981603e197df26c6fb79ef039f737557
8a40883d87b1e2c6e116e3cf881a8b39c987200a8556b651f78a376b3ddbaa26

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8124
x-amzn-requestid: e000c0d5-82d0-41a8-8def-b36970226969
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0UqEd1oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdb7-27efd8c92b8f6e4f257cec3b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1GIxjB2nXfoxuqJHLtkXl4OJT_Po5DJA_w26E2K8WOmm_PZw1qU3IQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:19:35 GMT
etag: "ec0fd74a981603e197df26c6fb79ef039f737557"
content-type: image/jpeg
age: 33414
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fiumicinobus.com/img/home_bg_2.jpg

185.136.89.218

200 OK

65 kB

URL HTTP/2
fiumicinobus.com/img/home_bg_2.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, manufacturer=Canon, model=Canon EOS 550D, xresolution=108, yresolution=116, resolutionunit=2], progressive, precision 8, 1912x610, components 3\012- data
Size
65 kB (64914 bytes)
Hash
435a0f6cdd6542c6128ca2166d0038c1
6fd409a25523a2ddca9ab7f027e2aa4651f6308a
afcb4f5c3739c398693a59aa47241c5b4b61813c20af9dc841a6372ed624a902

HTTP Headers

GET /img/home_bg_2.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/jpeg
content-length: 64914
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-fd92"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js

185.136.89.218

200 OK

198 kB

URL HTTP/2
fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
198 kB (198452 bytes)
Hash
66736f4d0b7e848b3461593e5c0d463a
8aea0d326e2c518f0ee354dd069b77ec4e76809c
6237e6643840ab91e5e043afab44d9487f40ae228eef029e727289be85ab3537

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-16a07"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/es.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/es.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/es.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/es.svg
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/gb.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/gb.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gb.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/gb.svg
X-Firefox-Spdy: h2

fiumicinobus.com/

185.136.89.218

200 OK

18 kB

URL HTTP/2
fiumicinobus.com/
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (50268)
Size
18 kB (17878 bytes)
Hash
bc1453d14f076a959da8def6aa85c86d
4539eb364f1ab71163d6a478d7e1ed9cf4be0a9c
0a30d2c3270d51a11a4a0fb4946b6130f9b3eb76d0ee3eb99e217c22d3415e56

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:27 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; expires=Thu, 01-Dec-2022 09:36:27 GMT; Max-Age=7200; path=/
fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; expires=Thu, 01-Dec-2022 09:36:27 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/it.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/it.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/it.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/it.svg
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i

142.250.74.74

200 OK

914 B

URL HTTP/2
fonts.googleapis.com/css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
914 B (914 bytes)
Hash
23e3de0a6f96230092d2375a29466941
cc0d8ddfc81f0936632e0bc3488ea3f3f67d21c4
ebbb14de1ef94a532850a449a4a1a97434b91ce385575cd143ae24c83039fac4

HTTP Headers

GET /css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 07:36:28 GMT
date: Thu, 01 Dec 2022 07:36:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fiumicinobus.com/css/base.css

185.136.89.218

200 OK

214 B

URL HTTP/2
fiumicinobus.com/css/base.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text
Size
214 B (214 bytes)
Hash
1e70bc50bb1db3e25fc9996cfd33b734
7aa72ff447fa7fe55456a32bd8d581bd98009219
07e1bb476af90f55242c0266444ed7494e218183009f3fab949146c2341ba830

HTTP Headers

GET /css/base.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"6d-5e55507eca41b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/ro.png

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/ro.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /img/ro.png HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/ro.png
X-Firefox-Spdy: h2

fiumicinobus.com/images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99

185.136.89.218

200 OK

91 kB

URL HTTP/2
fiumicinobus.com/images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2714)
Size
91 kB (90819 bytes)
Hash
50623e6a761b392b5381ce35e8a77f99
ca76a86214554c7540cd3c98d8ceb2d2e22b6238
ab3d438837b7f1c4ebce6980cc9274cd2e6adcc8af9be6f5cfc47ef2c4c464e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99 HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/svg+xml
content-length: 90819
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-162c3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/plus.png

185.136.89.218

200 OK

92 B

URL HTTP/2
fiumicinobus.com/img/plus.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 8 x 8, 8-bit/color RGBA, non-interlaced\012- data
Size
92 B (92 bytes)
Hash
a0f055915bc97e33c668a31624ea56f7
531e0a16a7d2e017f892b6fb057feb2616bc18a4
b91acd4cbcc0d72d51e797aa2b26eee1510af26bcc0aceefc363552137ec6cd1

HTTP Headers

GET /img/plus.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/png
content-length: 92
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "5c-5e55507ee5d83"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/minus.png

185.136.89.218

200 OK

87 B

URL HTTP/2
fiumicinobus.com/img/minus.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 9 x 5, 8-bit/color RGBA, non-interlaced\012- data
Size
87 B (87 bytes)
Hash
2f9434c1015abb6e5e455d7a889c5dca
c2818954963dcdcf142d26174591eb90220a1696
b17b25a25184a8fd56784e859ff137b3842b2b175017a1252b1c8585cbe076b2

HTTP Headers

GET /img/minus.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/png
content-length: 87
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "57-5e55507ee55b3"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/gb.svg

185.136.89.218

200 OK

834 B

URL HTTP/2
fiumicinobus.com/img/gb.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
834 B (834 bytes)
Hash
b518e6a9d34783d12f1d71b014e7abb6
05e325c26f7527f3eeb957ee5f426318f44b5e67
ce93c8a6b974d63998e263f6d25f898fc20580a28464457f2f4463b687e4fe8d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gb.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/svg+xml
content-length: 834
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "342-5e55507ee0f63"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/it.svg

185.136.89.218

200 OK

295 B

URL HTTP/2
fiumicinobus.com/img/it.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
295 B (295 bytes)
Hash
529a7e6acbba61dafee3d7dfa6be0612
8f11f413db0778773570dded673c79c9225c31da
d2c168050fc509adac1163b097b0ed409217560735b27802ae9259587c146562

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/it.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/svg+xml
content-length: 295
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "127-5e55507ee1733"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/fr.svg

185.136.89.218

200 OK

295 B

URL HTTP/2
fiumicinobus.com/img/fr.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
295 B (295 bytes)
Hash
9a5dcb2a490e33157ea7335c0a0e5aaa
dd1e77f728abca0e5dffd1dd225e700d205b45f7
30ed2f68dc9a17927643640f48f3d2a858bd041770547035349c6e79713cd84e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/fr.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/svg+xml
content-length: 295
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "127-5e55507ee0f63"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/pl.svg

185.136.89.218

200 OK

225 B

URL HTTP/2
fiumicinobus.com/img/pl.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
225 B (225 bytes)
Hash
aa9329e76696c5835da30ce63de55721
80c26923e9b5914e3dd39719660c381ed89ef840
df8ec3d0ac33382e0b276fd1bfafb80b8914b4670f8e5676d9419f8bb5d89419

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pl.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/svg+xml
content-length: 225
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "e1-5e55507ee5d83"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/ro.png

185.136.89.218

200 OK

138 B

URL HTTP/2
fiumicinobus.com/img/ro.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 38 x 25, 8-bit/color RGB, non-interlaced\012- data
Size
138 B (138 bytes)
Hash
c43c3f93a9615869f6cc956dfe817779
cc5d45912b0935587b77e3360c89d1b0c910df2f
765ea57ad7fcf6aabd8da4b1b09a57b3f7faf818e4e8d92c0572703d1d78fb6b

HTTP Headers

GET /img/ro.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/png
content-length: 138
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "8a-5e55507ee616b"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/pt.svg

185.136.89.218

200 OK

8.4 kB

URL HTTP/2
fiumicinobus.com/img/pt.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (606)
Size
8.4 kB (8393 bytes)
Hash
07f887f292303c33cff1f7edfff3bb70
7a75945aa92f7a3dd5aeb0cc01f3f8798d44e2d5
9aab20caed714ee47fc408f017037aea94a649b3ba4d87e2da37870ee31e4f92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pt.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/svg+xml
content-length: 8393
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-20c9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/es.svg

185.136.89.218

200 OK

93 kB

URL HTTP/2
fiumicinobus.com/img/es.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2367)
Size
93 kB (92574 bytes)
Hash
f5311bf6aafc2459d2696b15aa933570
942a5a37d3455e70ca9b6b3710d3a32b6b137822
50e59681c6b6412498bd9cbfc473abedc713db75c54c538b839db3c394d64499

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/es.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/svg+xml
content-length: 92574
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-1699e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

stats.busbeauvaisparis.com/matomo/matomo.js

185.136.89.218

200 OK

720 kB

URL HTTP/2
stats.busbeauvaisparis.com/matomo/matomo.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (1601)
Size
720 kB (720378 bytes)
Hash
daf49d888a51502d66714877c9557e30
d74a5b9efed6ae4b6f5637ac8bb2b3d1287f4bc1
0b48d5d0856ed78262d6b6749defd88cc9207665e80f31af3e6ceaf2d0ba389c

HTTP Headers

GET /matomo/matomo.js HTTP/1.1
Host: stats.busbeauvaisparis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 09:55:17 GMT
cache-control: max-age=2592000
expires: Sat, 31 Dec 2022 07:36:28 GMT
etag: W/"633ff785-10132"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 06:41:08 GMT
expires: Thu, 01 Dec 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 3322
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1721441.js?sv=6

143.204.55.54

200 OK

72 kB

URL HTTP/2
static.hotjar.com/c/hotjar-1721441.js?sv=6
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5909)
Size
72 kB (71476 bytes)
Hash
cafcad22af6f1a83db507fbe8eef4b28
cd0f791c84de54455278376d441e9f521b1eafd3
a24a79ecb9f235ff254f938f44ed9e60eed28e1077f710508ac5a308bb48e48d

HTTP Headers

GET /c/hotjar-1721441.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 01 Dec 2022 07:36:11 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/b7428e08a51bb9ef0723a5ceda634049
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8EOUDwUqyvnS9flZgukIfKYLWeZhmiVoz16tx_h4lAavv3IHd_r8tA==
age: 19
X-Firefox-Spdy: h2

fiumicinobus.com/img/favicon.ico

185.136.89.218

200 OK

32 kB

URL HTTP/2
fiumicinobus.com/img/favicon.ico
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
470ac769e31783d7e6ff8733d8d5a47d
6c3b510c99afa50b59e1edd0be4b67d13ecf12bd
a72779d89f095b976d583c78372684b1831f7a61378e54dfbd01b6da74b3021e

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: image/vnd.microsoft.icon
content-length: 32038
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-7d26"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.118

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.118:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bAiT6-irJrVI0NOe6pzZ4lGxMTbBk9edzCmYITJ7kcTSGT1YFCUgtQ==
age: 671184
X-Firefox-Spdy: h2

fiumicinobus.com/css/app.css

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/css/app.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/app.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-3f8ae"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/js/app.js

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/js/app.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/app.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-a633f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-c7f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/css/menu.css

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/css/menu.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/menu.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-222d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/css/animate.min.css

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/css/animate.min.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/animate.min.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-d0bc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:29 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-3de4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/img/apple-touch-icon-144x144-precomposed.png

185.136.89.218

404 Not Found

0 B

URL HTTP/2
fiumicinobus.com/img/apple-touch-icon-144x144-precomposed.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/apple-touch-icon-144x144-precomposed.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D; _pk_id.4.5b3b=aae3f0a7c200a3a9.1669880188.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Thu, 01 Dec 2022 07:36:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
cache-control: no-cache, private
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/css/custom.css

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/css/custom.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/custom.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6IkZhNURJV1poN3lBTWhHRGhRWXpCK1E9PSIsInZhbHVlIjoiZXNlR3BMUlgyV2VTcnArR05kUjhGd2dudVhQcFJhLyszSStGNnpLM1NyWWNrKzZmU3B4T0lMMkNCdFRtZUxsS0dhYkNJQWZOZUQ2Q09BQ3hyaXAvdTZhZy9YU2JXdFcyK1VyeHEwOU1aSUtDS01IRmpjbEF5aW9oL2djNmVoYkoiLCJtYWMiOiI5MTg0YTVlNTQ1Yzg5YTUyOWUzY2I5MzNlZjE5MjYyMzUwZjFiNGMyMGVkMzkxNmEyMWFjMTc1ZmYwNDY5YzFhIn0%3D; fiumicinobus_session=eyJpdiI6Imp3V2dIOGRYSjd0bXptZC9sOUJCVHc9PSIsInZhbHVlIjoiU0cveDNaalFZcUNVQlpYc2kzbGd2U2xteFRleUxPV1pTZ1FPa2h0bytTMys5cEZCV0crcmlJckJYOEQxZFp6YTdtSFQrVE9PZm93MjJaTmJUVTVoOWUzd0M4M2xFRW5KRVgzWG9ZYWh0K1U1NkEycTZ2MG9ISXkwVVJ4UDk3dTUiLCJtYWMiOiI3NjJjMjc2YzA4M2FiOWU4OTU3ZGY2YTQzYmRjNTcyYzg4NDIxMGMxNTA5YTMzNDMzZjg5ODJlNTE1NzM5OTJjIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 07:36:28 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-131f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations