Report - ecocalor.michelettigroup.it/wp-includes/fonts/opt/

Report Overview

Submitted URL
ecocalor.michelettigroup.it/wp-includes/fonts/opt/
IP
80.252.226.191
ASN
#21454 Easynet S.P.A.
Submitted
2022-10-20 23:08:00
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	510 B	694 B	142.250.74.3
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.6 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.9 kB	34.160.144.191
ecocalor.michelettigroup.it	unknown			14 kB	307 kB	80.252.226.191
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-09T07:43:12Z	612 B	722 B	173.194.73.155
s.go-mpulse.net	1280	2017-07-13T10:35:40Z	2023-03-09T05:15:12Z	390 B	52 kB	23.38.200.138
c.go-mpulse.net	568	2014-03-15T02:53:06Z	2023-03-09T05:13:24Z	768 B	321 B	23.38.200.138
www.google.com	7	2015-05-10T13:11:19Z	2023-03-09T13:38:50Z	511 B	694 B	142.250.74.164
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	46 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.3 kB	4.9 kB	142.250.74.3
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	797 B	93.184.220.29
webmail.optusnet.com.au	unknown	2017-02-03T10:30:51Z	2023-03-09T02:02:03Z	5.5 kB	497 kB	104.84.152.187
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	52.41.246.187
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.36
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	381 B	47 kB	142.250.74.168
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	804 B	647 B	142.250.74.174
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
smb.optus.com.au	unknown	2012-10-10T04:48:13Z	2023-03-06T06:11:59Z	3.4 kB	406 kB	23.38.200.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-20	medium	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	Singtel Optus

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing
2022-10-20	medium	ecocalor.michelettigroup.it/wp-admin/install.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavMain.js	9.1 kB	2023-03-10	2023-03-10
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavMain.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-03-10 12:11:21 Times Seen1 Hash 8e34bef9cfea360f43330c5cc83181ef 13365a65bd30f0c3d8dc6979187963a8d058c7a3 c4aa769d35fead5c3688d631c29bc57ae3e729900a5b00cbac0c1a121c42fca4 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	26 B	2023-03-07	2024-04-25
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-25 14:02:07 Times Seen19661 Hash 0096b3a75c132c10f6a90df56192e4d7 07cfa420d654e1531d97a9dccd23f4bede5edde7 7e519b79026424c478dc1b72f347eb1327c9d01dc2458973bafe2690ca7d016d Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	26 B	2023-03-07	2024-04-25
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 14:02:07 Times Seen19659 Hash 91e37f24be76111b93a0ff728b96cddb e1740ea479e156d424cb918060d779528ecc8fae 49ef43da1c84ec34b398aaab43e8debad168559596297c7586e9c9e8239c79bf Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/analytics.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/modernizr.js	31 kB	2023-03-07	2023-08-09
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/modernizr.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:42 Last Seen2023-08-09 01:24:37 Times Seen34 Hash 52682fa5db103459436cfd9ef72e81fb 73cfdcdb42553bfac47424fd9310721ad20b3485 22680640d03747d132d2e358560a474a380f1f50c51977a948fdee3b7e732937 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	26 B	2023-03-07	2024-04-25
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-25 14:02:07 Times Seen19665 Hash 813f7afe12806d2df1c685b53ab49c0e 8ebc2ee97e18dd336b670b53dbccdfb8788a5825 ab008176ac77145e392d8392787e81c90c2592a54b1590d8779c74f956c0e46a Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247tag.js	9.1 kB	2023-03-10	2023-03-10
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247tag.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-03-10 12:11:21 Times Seen1 Hash 58d8af6cdcd69d85ca5465c46821f70f b8413ad26a19f7c1c781528a7c0bd0d2a0926f41 dbf4c0f065199f600cd5c0aea5d39dd399072e11e9939cb387a7c3c628aae9d5 Loading...

	s.go-mpulse.net/boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS	207 kB	2023-03-07	2023-05-05
Pretty URL s.go-mpulse.net/boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS IP 23.38.200.138 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:52 Last Seen2023-05-05 19:55:26 Times Seen141 Hash 53f533fdf71fdb8527ab9fa6641e241b 8cde78b625d06e4304941ec09ee038c47e4768dc 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	26 B	2023-03-07	2024-04-25
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 14:02:07 Times Seen19663 Hash 8cf91652fc7787b535b26f390f9ed9af d39e49793059ab3b8a97b61bac69ad2a451c8ff2 f876a7b1e6234843f5d8487af055addd42fe6018d4f4e2f29ab08c0f08a85d94 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	339 B	2023-03-08	2023-05-04
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:19:25 Last Seen2023-05-04 02:03:16 Times Seen8 Hash 69a1ab2492449a0868d442eadb9265b7 504cc8bc887f7e63a2dfa22f11ae8cd29a3705c0 1480dc32e988fa60b3c562b46a1cfc250fd47f0903673d34442b30b151b15f49 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 14:16:01 Times Seen37063996 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js	9.1 kB	2023-03-10	2023-03-10
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-03-10 12:11:21 Times Seen1 Hash aace4324ac3a4d8f793f1d5e7b6240ce 5c569e16baa5dcd11bbb841c9f8e872ed3b75d48 079bb5012e5ec48cf69cf83a20e215a2241abef93cd9bdff4ffeeb3ba7ef0730 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247px.js	9.1 kB	2023-03-10	2023-03-10
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247px.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-03-10 12:11:21 Times Seen1 Hash 0b740617d438e85a9d7271b619cb139d ebab75ee255e7d8eb43a86cf0a0d3b4075bd7e83 2c8a8376b3c0be915626084f8544b249820095a0c31642315b0e41a0c7428582 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-1.12.4.js	9.1 kB	2023-03-10	2023-03-10
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-1.12.4.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-03-10 12:11:21 Times Seen1 Hash c4e9f64b0ae574ebc41b519235361d37 cb31dcfd778f14af564d6a1bb392190cf7a3218c 32bd149c819f49ecc845ea900c46ea660405c317e68e1da69f8058bc204412bf Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	32 B	2023-03-10	2023-05-04
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-05-04 02:03:16 Times Seen2 Hash 133a82774313747463e09418fd69e4f5 ddea0053a00da382410b40fc9783f4b71158fcbc 92d7f0f0403f74828e56bb5481dc428046aa12cbc2694185df7452c0f0e2ce66 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavDesktop.js	9.1 kB	2023-03-10	2023-03-10
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavDesktop.js IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-03-10 12:11:21 Times Seen1 Hash 4fe1eaae48ca8b7f989fd9f0c34a5895 eccd874f0b90d86a5f8dd756d2c00d7c3a5f90a8 fd8d5067de9fdbeaf56026bebfd027bf317b2e04335194df5a7ea253ba9130da Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	26 B	2023-03-07	2024-04-25
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-25 14:02:07 Times Seen19661 Hash 339aaaa033bd435bc3d3442976b21150 309497f761b4649d113688cb611242810ed2a8bc 47536a23eb95f0f1d8f00b6ef54ac4553cc05d06ddce49260dab7dc9f083296d Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/18ae682f	27 kB	2023-03-10	2024-01-03
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/18ae682f IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2024-01-03 08:12:15 Times Seen17 Hash c05c1e11c9c7b3f3dd6cc1fc15bcfa3f 32ae031ed77f4b22d65b37a449e804d7bd8c6bd7 5f8d78703eacfcd43e9157bc9d7f5e7c0b20ba06621cf8ec882b2cb9682b9f71 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/FhBwcEk	86 kB	2023-03-07	2024-04-14
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/FhBwcEk IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:48 Last Seen2024-04-14 23:10:20 Times Seen552 Hash 95ed6677924852b9085a949341297472 dbcad9d1273a65c3cd7c0e08c7f7a8cbdde089f0 fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/header.js	1.6 kB	2023-03-07	2023-08-09
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/header.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:42 Last Seen2023-08-09 01:24:37 Times Seen15 Hash 9d51841821728e7f5650093c7ec267f9 cdf6bd9f4a80e74e55b19d88e8e31c242152f9db 3b8849edf71354f42d48427198035e7779335be0d1252f67d0c6dc8bd3499f5c Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	984 B	2023-03-08	2023-08-09
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:19:25 Last Seen2023-08-09 01:24:37 Times Seen9 Hash 5141f90061b3fc5f288b10dd6b938c21 fd842052d502ccff46d0f241e5ab63655467d6a3 62e732143e0fa10198ddc56c6bc60a7c83a144f1af94f037b19bdcace65963e6 Loading...

	ecocalor.michelettigroup.it/wp-includes/fonts/opt/	3.0 kB	2023-03-10	2023-05-04
Pretty URL ecocalor.michelettigroup.it/wp-includes/fonts/opt/ IP 80.252.226.191 ASN #21454 Easynet S.P.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:21 Last Seen2023-05-04 02:03:16 Times Seen2 Hash b3c27133a10992f5a51501b4f343d6c4 3096b68bed6c53887ed4012c794b3537ecae92ec 7c0e70b205d62de48548743ac019018cda369ac26828c5071d084bf74d8bf36f Loading...

		Size	First Seen	Last Seen
	#1 Write - 307a647aed7ff64fc52f7e430c9882ee	30 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:06:27 Last Seen2024-04-25 12:30:56 Times Seen5116 Hash 307a647aed7ff64fc52f7e430c9882ee 061cb2a0b893008a8c66563d96199a58b149141c 807a15fef8a2e854bd4657ca750efc8effd5f91349736064e0ef649819a7a296 Loading...

HTTP Transactions (78)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 22:52:00 GMT
Expires: Thu, 20 Oct 2022 23:37:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BaCftxxP6wt8FnmfcbCChRyQDP7e1hgAx2GwLkzAiP_OKTigSrFMtw==
Age: 950

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:08 GMT
Date: Thu, 20 Oct 2022 23:07:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8537
Expires: Fri, 21 Oct 2022 01:30:07 GMT
Date: Thu, 20 Oct 2022 23:07:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: KC45CZ5XXwDdfvxS4RehDCmtLiS2PeLeRzEIjB8J9Ag0S9P290U3WEdB+9ylgCrxNl4+Zfa+D2Af91CiCa9cNw==
x-amz-request-id: 0EERBZ2Q4VEXB7VX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 22:36:55 GMT
age: 1855
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 23:07:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-includes/fonts/opt/

80.252.226.191

200 OK

10 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- PHP script text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3190), with CRLF line terminators
Size
10 kB (10096 bytes)
Hash
bc64cfc68cd94c531cafe7e3ba0ede54
f094951ea6b41639cda204085ff9a3c062093647
e4bd788c40be87ff34522d9880e91bcf71ef034e4f8a1ccb42ccf9fa041610d8

Detections

Analyzer	Verdict	Alert
openphish	Singtel Optus

HTTP Headers

GET /wp-includes/fonts/opt/ HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Content-Encoding: gzip
Content-Length: 10096
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/analytics.js

80.252.226.191

200 OK

20 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/analytics.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
a8d5e06df793aa34009b792587610413
27cf8f84b9fa9330d9c535d0703b01945aba5540
7aa50b03c5dde9c0ab3a21ec6185f267d220c4edd10c5b5266405a9fe940bf47

HTTP Headers

GET /wp-includes/fonts/opt/css/analytics.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "c41d-5e3b6ac310500-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 20006
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: application/javascript

smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/all-fonts4.css

23.38.200.195

200 OK

981 B

URL HTTP/2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/all-fonts4.css
IP
23.38.200.195:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (368), with CRLF line terminators
Size
981 B (981 bytes)
Hash
db32ac7df96f9ef941e90b86d9e516d2
d75a3e8501856fa4ce49e903615afe263d264d8a
024e58c8873d964f3be6af4ad8b04dd6b9a0e8fd34eed1bc1a868dc61f2c339f

HTTP Headers

GET /opfiles/Shop/Consumer/Assets/AllFonts/all-fonts4.css HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 21 Jan 2022 06:42:59 GMT
etag: "a02750-167c-5d611edfb22c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 981
content-type: text/css
cache-control: max-age=20410
expires: Fri, 21 Oct 2022 04:48:00 GMT
date: Thu, 20 Oct 2022 23:07:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/fonts/opt/css/jquery-migrate-1.4.1.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13b2ffd04752d468f707090604f6ed1c
94de24b43698a598b060edea68a4b1b5c6bf9879
98f0ad0db175ed53ed6b048cc4427f902c148adc378d833dcb8cd89d59397aad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/18ae682f

80.252.226.191

200 OK

27 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/18ae682f
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
ASCII text, with very long lines (14360)
Size
27 kB (26684 bytes)
Hash
c05c1e11c9c7b3f3dd6cc1fc15bcfa3f
32ae031ed77f4b22d65b37a449e804d7bd8c6bd7
5f8d78703eacfcd43e9157bc9d7f5e7c0b20ba06621cf8ec882b2cb9682b9f71

HTTP Headers

GET /wp-includes/fonts/opt/css/18ae682f HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "683c-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 26684
Keep-Alive: timeout=10, max=9997
Connection: Keep-Alive

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247px.js

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247px.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/fonts/opt/css/247px.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.googletagmanager.com/gtm.js?id=GTM-525H7H9

142.250.74.168

200 OK

46 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-525H7H9
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1588)
Size
46 kB (45997 bytes)
Hash
17e30fe1b313a9c466e6f473a34ab71b
418af7db0bd6ec812bf8892d8b18a9d614fc86e6
ce504718f9ca99b5751e20ac7f439cd5b7d24d7a402f170e84f311cf63852296

HTTP Headers

GET /gtm.js?id=GTM-525H7H9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 23:07:50 GMT
expires: Thu, 20 Oct 2022 23:07:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247tag.js

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/247tag.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/fonts/opt/css/247tag.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-1.12.4.js

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/jquery-1.12.4.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/fonts/opt/css/jquery-1.12.4.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 20 Oct 2022 22:43:40 GMT
Cache-Control: max-age=3600
Expires: Thu, 20 Oct 2022 22:44:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dfl89EpNgNhzzDsJ_wStQMNKciMTLQeZIW2xGZ9S-ippUT1ms6Gn3Q==
Age: 1450

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6404
Cache-Control: max-age=125140
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 09:53:30 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavDesktop.js

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavDesktop.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/fonts/opt/css/globalHeaderNavDesktop.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/modernizr.js

80.252.226.191

200 OK

8.4 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/modernizr.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3738), with CRLF line terminators
Size
8.4 kB (8375 bytes)
Hash
749ec6f33435e6285fa38109d65d3112
5f0d8afb9c4eaf34e6af8de921ab8844f6a5938c
8ffb2978b3070c5d17c29253443380932bee1eeb3284eff92e55678ae4bc4e54

HTTP Headers

GET /wp-includes/fonts/opt/css/modernizr.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "77f8-5e3b6ac310500-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 8375
Keep-Alive: timeout=10, max=9996
Connection: Keep-Alive
Content-Type: application/javascript

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavMain.js

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/globalHeaderNavMain.js
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/fonts/opt/css/globalHeaderNavMain.js HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13b2ffd04752d468f707090604f6ed1c
94de24b43698a598b060edea68a4b1b5c6bf9879
98f0ad0db175ed53ed6b048cc4427f902c148adc378d833dcb8cd89d59397aad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/gtm

80.252.226.191

200 OK

113 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/gtm
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
ASCII text, with very long lines (1600)
Size
113 kB (112575 bytes)
Hash
29e5aa09ed493ef60adc7049d18c1b9c
2e1824a271116c13f9516d2c1651d4bfb8b5141d
d4642910b397dc44c34f4e8ee0ccb2c4ec6e83a55ed50faec712b9e736074049

HTTP Headers

GET /wp-includes/fonts/opt/css/gtm HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "1b7bf-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 112575
Keep-Alive: timeout=10, max=10000
Connection: Keep-Alive

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/FhBwcEk

80.252.226.191

200 OK

86 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/FhBwcEk
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85846 bytes)
Hash
95ed6677924852b9085a949341297472
dbcad9d1273a65c3cd7c0e08c7f7a8cbdde089f0
fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2

HTTP Headers

GET /wp-includes/fonts/opt/css/FhBwcEk HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "14f56-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 85846
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive

www.google-analytics.com/j/collect?v=1&_v=j96&a=866316565&t=pageview&_s=1&dl=https%3A%2F%2Fecocalor.michelettigroup.it%2Fwp-includes%2Ffonts%2Fopt%2F&ul=en-us&de=UTF-8&dt=Optus%20-%20Webmail&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aGBACEABFAAAAC~&jid=473857071&gjid=1965497801&cid=71832969.1666307282&tid=UA-22088848-3&_gid=919567179.1666307282&_r=1&gtm=2wgaj0525H7H9&z=100649488

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j96&a=866316565&t=pageview&_s=1&dl=https%3A%2F%2Fecocalor.michelettigroup.it%2Fwp-includes%2Ffonts%2Fopt%2F&ul=en-us&de=UTF-8&dt=Optus%20-%20Webmail&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aGBACEABFAAAAC~&jid=473857071&gjid=1965497801&cid=71832969.1666307282&tid=UA-22088848-3&_gid=919567179.1666307282&_r=1&gtm=2wgaj0525H7H9&z=100649488
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j96&a=866316565&t=pageview&_s=1&dl=https%3A%2F%2Fecocalor.michelettigroup.it%2Fwp-includes%2Ffonts%2Fopt%2F&ul=en-us&de=UTF-8&dt=Optus%20-%20Webmail&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aGBACEABFAAAAC~&jid=473857071&gjid=1965497801&cid=71832969.1666307282&tid=UA-22088848-3&_gid=919567179.1666307282&_r=1&gtm=2wgaj0525H7H9&z=100649488 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://ecocalor.michelettigroup.it
date: Thu, 20 Oct 2022 23:07:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

webmail.optusnet.com.au/css/headerFooter.css

104.84.152.187

200 OK

36 kB

URL HTTP/2
webmail.optusnet.com.au/css/headerFooter.css
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65502)
Size
36 kB (36541 bytes)
Hash
7bf6d4616f35414f59dfe74b2e873cd3
e78a6efbc279e2e85c8cb7d5b5d65f5869902888
a3e9ca9db0a801a881aa7293ff67c9a0c4b60e6ad8b0749bc94706606c9700f3

HTTP Headers

GET /css/headerFooter.css HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
last-modified: Wed, 02 Dec 2020 13:28:19 GMT
etag: "12239d-582d7-5b57b37762e41"
accept-ranges: bytes
content-encoding: gzip
content-length: 36541
content-type: text/css
expires: Thu, 20 Oct 2022 23:07:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:50 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2

webmail.optusnet.com.au/css/lux.base.8fba59704a65bcc34212ff1ef5e4708d.css

104.84.152.187

200 OK

51 kB

URL HTTP/2
webmail.optusnet.com.au/css/lux.base.8fba59704a65bcc34212ff1ef5e4708d.css
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (51031)
Size
51 kB (50683 bytes)
Hash
4384b6a0b62d9982f6fe87be29cbc1e9
7501c812704905cc420a0bc0cce2b4b15991ac4e
fa70e99bbb1d75bbd317006646972e6cc10cb988cb161e7189a8e914b547ccb9

HTTP Headers

GET /css/lux.base.8fba59704a65bcc34212ff1ef5e4708d.css HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:07:09 GMT
etag: "38061c-7c9fd-5b4e5b9119140"
accept-ranges: bytes
content-encoding: gzip
content-length: 50683
content-type: text/css
expires: Thu, 20 Oct 2022 23:07:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:50 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2922 bytes)
Hash
d1ffbeb517ba1da574add75a391651af
14c907d7662c380557299b1cc8549e2ba8d2218b
1e42bf84891c03e401c890f57a236b0d0a13578a222a9a621ad92dc81d7fdbc9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2922
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/mob.png

80.252.226.191

200 OK

1.2 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/mob.png
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1190 bytes)
Hash
746c5446544934459f95c61b1cce0f56
30a65f665997cad02775e7bb8f6946239c730bde
d4b023ef19903b8679087af12c0888bb945f320f9453aa4f351702dac09b0c2c

HTTP Headers

GET /wp-includes/fonts/opt/css/mob.png HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "4a6-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 1190
Keep-Alive: timeout=10, max=9995
Connection: Keep-Alive
Content-Type: image/png

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/tablet.png

80.252.226.191

200 OK

1.3 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/tablet.png
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1327 bytes)
Hash
d71f2f87bee3b11e5625b7fb1305ee9f
d43bb7f610e19406b0db952f340b1192c9d92f60
75df7b13dd67f6b31092e2a72f963d1c77cdfa88938b4b45f3152330173e3f2c

HTTP Headers

GET /wp-includes/fonts/opt/css/tablet.png HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "52f-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 1327
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: image/png

ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/macpc.png

80.252.226.191

200 OK

2.0 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-includes/fonts/opt/css/macpc.png
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2021 bytes)
Hash
6ede4f453e5942b129e44e1cfb32a034
c32d46e6a89113297323d31849220f623f663bf3
1911f1118b639907dc998c8afd117af682ee15046693af74fb0ec3c82b150a85

HTTP Headers

GET /wp-includes/fonts/opt/css/macpc.png HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host
Last-Modified: Wed, 13 Jul 2022 21:43:16 GMT
ETag: "7e5-5e3b6ac310500"
Accept-Ranges: bytes
Content-Length: 2021
Keep-Alive: timeout=10, max=9999
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8709f3baa978d291fda131e2f445ddda
987cf815a2d18b4aeb0a1047e9e7f8783dde6d88
b24f6a13ff0a1f888143ad742bf32a2b80e3d7f5a903d2e59e1dbfbf1a1a3e11

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&gjid=1965497801&_gid=919567179.1666307282&_u=aGBACEAAFAAAAC~&z=1620163978

173.194.73.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&gjid=1965497801&_gid=919567179.1666307282&_u=aGBACEAAFAAAAC~&z=1620163978
IP
173.194.73.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&gjid=1965497801&_gid=919567179.1666307282&_u=aGBACEAAFAAAAC~&z=1620163978 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://ecocalor.michelettigroup.it
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Oct 2022 23:07:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.41.246.187

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.246.187:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R27qQo1CQ0YdBhoDQ7sP9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x838ZG2WAH9M0BKnObnyxyJNvDs=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8709f3baa978d291fda131e2f445ddda
987cf815a2d18b4aeb0a1047e9e7f8783dde6d88
b24f6a13ff0a1f888143ad742bf32a2b80e3d7f5a903d2e59e1dbfbf1a1a3e11

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2917 bytes)
Hash
41b11f567d3f70db682a441ac93a0f2d
4ff2d20ce9ce9fddd6bf057e90839b3286e4c0ee
26661d516b0b7a5ee40581ea681866c77ff85660827bbb52915f63401140c0a6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2917
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2918 bytes)
Hash
0bfaf57f960a2be919641c072f4c855d
9dc65802b22dec4e6ea6f52530bdf51c45968024
81b2699ad900a67e1511d5d9200958edb46c2d2ef29ac9f6c1e04984dd31615e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2918
Keep-Alive: timeout=10, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2917 bytes)
Hash
2eec70fe495bcf46d009ebdfbd48e29e
feac8315f90cad95522b6a7571eab0da7b1c42a6
521c1bb11933079edd6f89c76c303ae494c6339ef9f2ad57b776cee50843a476

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:50 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2917
Keep-Alive: timeout=10, max=9997
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.woff

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.woff
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/TradeGothicLTPro.woff HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9994
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

s.go-mpulse.net/boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS

23.38.200.138

200 OK

52 kB

URL HTTP/2
s.go-mpulse.net/boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS
IP
23.38.200.138:0
ASN
#16625 AKAMAI-AS

File type
C source, ASCII text, with very long lines (31985)
Size
52 kB (51580 bytes)
Hash
cd84496512bb060357bd7e6e877fe2d1
90992f2c8c86540facb19e7ed4ab0ae3e4fdcda4
3b53bb627cec222cfed7c8c6ad8b68f869500bbd4231f4e1ed67358ae74fd5f6

HTTP Headers

GET /boomerang/PC6VM-4FQA5-8HDKN-MYG9N-T5BRS HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Fri, 23 Sep 2022 00:15:32 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 51580
date: Thu, 20 Oct 2022 23:07:51 GMT
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2916 bytes)
Hash
e30ba8030b5457f569081f08f1158955
4b2540cd8050b334585f40d0ab43839ce6a49171
0d9f1832ee60c6cf424e8384698d7b87f4cc77ec0c21f40467f9705c93ceb5e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=10, max=9996
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2921 bytes)
Hash
776e60da03cd412ed46ac89f4c4bb463
13d5f2584cc90bf0fb06204dd32e3f254296ffd0
e9258879cfc3f7dfbf7a5bc1abef33c080ab7d8698e6454bb304502a900ae190

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2921
Keep-Alive: timeout=10, max=9997
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

smb.optus.com.au/opfiles/ys/online-style/images/logo/logo_optus.png

23.38.200.195

200 OK

1.4 kB

URL HTTP/2
smb.optus.com.au/opfiles/ys/online-style/images/logo/logo_optus.png
IP
23.38.200.195:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 84 x 17, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1438 bytes)
Hash
261efcd6f96789f44e5d68ec4f70e7cb
01103070885237bc27ea96b0364930613d19c993
6f7079f7f44f2ef5c07100f61ee2843c1c3720158e62a1948c186f00c882b8aa

HTTP Headers

GET /opfiles/ys/online-style/images/logo/logo_optus.png HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a72-780-535f1e3375cc0"
last-modified: Tue, 22 Sep 2020 19:27:06 GMT
server: Akamai Image Manager
content-length: 1438
content-type: image/png
cache-control: private, no-transform, max-age=2404654
expires: Thu, 17 Nov 2022 19:05:25 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
X-Firefox-Spdy: h2

webmail.optusnet.com.au/css/assets/fonts/lux-icons/2d0e6ce5791dcb72fd35df708136be66.woff

104.84.152.187

200 OK

58 kB

URL HTTP/2
webmail.optusnet.com.au/css/assets/fonts/lux-icons/2d0e6ce5791dcb72fd35df708136be66.woff
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 58352, version 1.0\012- data
Size
58 kB (58352 bytes)
Hash
2d0e6ce5791dcb72fd35df708136be66
cda7b1fbf8c5537a46c531971179e41c58200b9c
8855f50a2c19e5186a498b2cfd5a21f20e6e71e16ecfb8c396b1af3f9bb8e9db

HTTP Headers

GET /css/assets/fonts/lux-icons/2d0e6ce5791dcb72fd35df708136be66.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 04:03:26 GMT
etag: "3e07a3-e3f0-5b4e6825a7f80"
accept-ranges: bytes
content-length: 58352
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=957F7EB4ACD994E5519CE3D11D574DBE~000000000000000000000000000000~YAAQt5hUaDa+6++DAQAA3iqn9xHK+O1ePyopV5ePg2k5gbX0mA1xyRDArbP0X7T6bUcfCw+Vk1gROOJ7o21KlD4/3B5D6VFsUaGZvqJqfpPxm7uDX66M7zQ67/RHgdDDGOcFNlLh0xGSJAbZ7+Ghn5WsOnCN+YI+3jRSTHCy902Yw3w2j7aDc4Aqs9/2u5KtzaLRHQeFNC9StFbgiDxIayuuUpgpaW6QepAmV+PX50QHX8nmOtZpEmIHhgrDXmwMgxslXbgTS8xGTwbI8IN+b4HYtuQS1E31CMNvKGl1kjv5Z8BNylwwJji3RSor9b+VDZODTq7va5kCbaC2xq5lUQ+Dii0X0A5SqHxR87xJF529jsSGhPmfGZxEUMop9hoGs5FmsmGcdhkcz7iIuwU=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

webmail.optusnet.com.au/css/assets/fonts/markpro-bold/507b76aa0351c57ece90f02239b62ba3.woff

104.84.152.187

200 OK

68 kB

URL HTTP/2
webmail.optusnet.com.au/css/assets/fonts/markpro-bold/507b76aa0351c57ece90f02239b62ba3.woff
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, CFF, length 67824, version 7.504\012- data
Size
68 kB (67824 bytes)
Hash
507b76aa0351c57ece90f02239b62ba3
ed8f2b819f5e89eba31a38f405860c83a2578596
06e6ac46fef95be90de802cbf8f07aefa9d2c9416ea8e32bccef5d526bb96e5f

HTTP Headers

GET /css/assets/fonts/markpro-bold/507b76aa0351c57ece90f02239b62ba3.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:01 GMT
etag: "3e07cf-108f0-5b4e63cea0240"
accept-ranges: bytes
content-length: 67824
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=854341867F841A832EEFF53FBB53D2F8~000000000000000000000000000000~YAAQt5hUaDe+6++DAQAAAiun9xHRUHk3+SCK07xR8fhmd9kA9qFBGtkdLp88QQMROzTO+ud35XjYTpm0tCVRKNAWqyzrpdcP0mtrk5xxw0lnylXDtwDFIUA0tu4GlmG+6mWrWe2J0GyXp2X/OeASfot84NXOh0u/TfbwyE5ijfiNXNjqbb/vRBPshQCuOjxzcWM03K5XkTlm9CPiAowLcPOxXRGe6sP6kTV7foF+7o9KHU8MLKmTCH+pXt5c12XNLhDShNa6tiUKTSxPlY4/odM8nnMqoX7uUlddJ1VfGVdGbDaXyajdNx/CEkFFh760BVpNL1IY3vl6I0QlF0uAbf5Do6P0ZFeUA7/Fduw+z6/WmXMJUqptD6/EZ8d1i0Ex/IR5UoqEbw8kNxUwCO4=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.woff

104.84.152.187

200 OK

24 kB

URL HTTP/2
webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.woff
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, CFF, length 24100, version 2.0\012- data
Size
24 kB (24100 bytes)
Hash
8f94edabe8c022fd046b4cac75b9e7d4
210d10865330002b4f80ef523bf6dd24db853e39
abdf7b15897f5c4cc2df8a0ec80bb7af8afba3f018eccd88bb6eaed68e8c1e42

HTTP Headers

GET /fonts/TradeGothicLTPro-Bold.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Mon, 07 Sep 2020 14:46:42 GMT
etag: "38075a-5e24-5aeba49709ecb"
accept-ranges: bytes
content-length: 24100
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=6AB346AE985E2A5C0414EA5694007418~000000000000000000000000000000~YAAQt5hUaDi+6++DAQAADCun9xHVI+MRgjB9vHCp5OBJVe9/S0gYykSROKLFb1EvIjcAzLM4lhO/zaG/2fu42CxEvtaKTkpWsCFmEdHam6ieL2MARs5r40lWaxN3v1fCenKag2FWpYRMSL+VvpPTcMkHHTS3EzkBUpqD1jK5EX0eEKIWskWOLt0ScDIqVBQIDkG5MvRdtT/b+8vNKkIAU9qKSGb6b1yc4UliRtgqDZOajx4prHOvMsLwx7O8+9uzyi/7R9CBT6F3yq41gS4Vwg041hW+6CGqMvecU2F3Mq0jMnXb49nn3vfSE8+P5SkAePCsAQZfp1zhWB4Zxkrv9jIQM6d/9ze/5CkFaU653IwxMv65ZWW6Q9thCQNOBRyy++9O1FbyOWL30OkphTs=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

webmail.optusnet.com.au/css/assets/fonts/markpro/ee10f7196c1b125a3b8222341465bf5e.woff

104.84.152.187

200 OK

67 kB

URL HTTP/2
webmail.optusnet.com.au/css/assets/fonts/markpro/ee10f7196c1b125a3b8222341465bf5e.woff
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, CFF, length 66552, version 7.504\012- data
Size
67 kB (66552 bytes)
Hash
ee10f7196c1b125a3b8222341465bf5e
58a1d6aeb83e74b3a9e0eda8ad4daf3f1f1f387f
7b1443ccd9f5702ad832d5f8f58cd7955da80b6be466208e37900863097dbb12

HTTP Headers

GET /css/assets/fonts/markpro/ee10f7196c1b125a3b8222341465bf5e.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:01 GMT
etag: "3e07ce-103f8-5b4e63cea0240"
accept-ranges: bytes
content-length: 66552
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=8D6BA49CF01A312B176572EA541B8960~000000000000000000000000000000~YAAQt5hUaDm+6++DAQAAFCun9xHjvmAHvgqMO+C9l9jEwYneINRHr8ekwS41ACZPman14kaPKLVYewEWP7AQte0Usz4hj/lYbnDN5UB9L0pmnaHXVuW5NiCHg0LKBRWoHBqgZkhp5bdEM9uy0YEOAoaQGqjqa0Ij6Ea3fpvo7o1aBzQTSu3Wk6XnOa/3A7t+y4RmowOr7IPGevP0mJGZxcLVShJBWlt8V3Gte4yLrw+LSSFQ63vtos761+KC6gmVpr5khaLyxA6LLuhX+U/EI7/k/3W/0zKymzSki70P2QxRb8bnJR/dZ0LEawF1U52p+jLQ2ReQuLCK1+Mp8qzrDgpiIaAteBnALzEpbvm75uO/aW3f+D+2TtVT1zqWLLN5afQXuRdv/X6YYAn1IPA=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2916 bytes)
Hash
c54b295aea8a4de4833705c1cba3760b
8b5e26f95e933cd4be75621a8ca8745a6f733863
c7ffd30b9d1d5649167bc8ad857bf076de23a46f5649c0a065baffdf863d5072

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=10, max=9993
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ecocalor.michelettigroup.it/fonts/optus-icons.woff

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/fonts/optus-icons.woff
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/optus-icons.woff HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9996
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.ttf

104.84.152.187

200 OK

22 kB

URL HTTP/2
webmail.optusnet.com.au/fonts/TradeGothicLTPro-Bold.ttf
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
TrueType Font data, 15 tables, 1st "FFTM", 34 names, Macintosh\012- data
Size
22 kB (22200 bytes)
Hash
cfdb5ba9409879d9074dd348b0c55f92
700119f9abe7625a466d39a2f0607d22ce12f84c
da7610cafac818ab5f205486522bda0fa045e8ba770287b38ec074777f219631

HTTP Headers

GET /fonts/TradeGothicLTPro-Bold.ttf HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Mon, 07 Sep 2020 14:46:42 GMT
etag: "380758-b908-5aeba49709ecb"
accept-ranges: bytes
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
content-length: 22200
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=3A7DC045B8803CC1A9B00DC6C5E6AB17~000000000000000000000000000000~YAAQt5hUaD2+6++DAQAAdyun9xEIzYnv7pdEBCHiHPTfm+e3EJkywAMcFCSNSX7l8HpwqxabjtCBZINNJIqaujCGXqrZpZuN9qe728A+mmF7reJhK/RXXQ/gSpJhcHzmR64p4WUJfgjkIQrQdUk/pcVMHIXBTAMvHvaijgdVG47z9sa6Y/mgHXAVVrzMEeJT6+j9lkyy21FNu1GBPS6ke8/717ijcASHRbHs/CxH356/BmWw1fWlZq1WPS7B7e3cT9s9sUijrvVlUH9Ib1JHg46snfGODIru/v8BINGanZdMjEeSgv5hDAY2r9HtcaY+fkfuhOHwtqNwjR8BP/c3dSgEwqSVhURl9V7YdM5w3XGFHEkpuL58iSeWMZyR+oF97GTQhMvbObDidJx9IqQ=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/optus-icons4.ttf

23.38.200.195

200 OK

24 kB

URL HTTP/2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/optus-icons4.ttf
IP
23.38.200.195:0
ASN
#16625 AKAMAI-AS

File type
TrueType Font data, 11 tables, 1st "GSUB", 16 names, Macintosh, type 1 string, optus-iconsRegularoptus-iconsoptus-iconsVersion 1.0optus-iconsGenerated by svg2ttf from Fontello\012- data
Size
24 kB (24359 bytes)
Hash
3ad802f9f1d8233b0f22d017fd0ea0a7
a9bd66bc31fee3718f9279846c16dd937a018409
a6eb28bea76265b388497a8a156cbd15e192cae11ff026a77e21e8330e67e5a1

HTTP Headers

GET /opfiles/Shop/Consumer/Assets/AllFonts/optus-icons4.ttf HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Mar 2017 05:17:39 GMT
etag: "18301a-9e0c-54b5efee542c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 24359
content-type: text/plain; charset=ISO-8859-1
cache-control: max-age=28757
expires: Fri, 21 Oct 2022 07:07:08 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.ttf

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/fonts/TradeGothicLTPro.ttf
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/TradeGothicLTPro.ttf HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9995
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/lux-icon.f3b05436332f1b3b6e43b84b30eb59d6.woff

23.38.200.195

200 OK

24 kB

URL HTTP/2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/lux-icon.f3b05436332f1b3b6e43b84b30eb59d6.woff
IP
23.38.200.195:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 24040, version 1.0\012- data
Size
24 kB (24040 bytes)
Hash
f3b05436332f1b3b6e43b84b30eb59d6
cdeee7ddf5a41722ed3a06b57c30d0fb188bd024
fd79a7fea081166cdd9eeeba41272a4c9a34c335f29dddb752e136efb04612db

HTTP Headers

GET /opfiles/Shop/Consumer/Assets/AllFonts/lux-icon.f3b05436332f1b3b6e43b84b30eb59d6.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2017 22:55:27 GMT
etag: "18300a-5de8-54ae0f4fe75c0"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=4449318
expires: Sun, 11 Dec 2022 11:03:09 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
content-length: 24040
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2923 bytes)
Hash
ec173c94b7dd732ecb7bc319b9951054
022543405f00bd435199dfa29f2bd33af006a7e4
e6802d8dde98e5878a30c9f9c1a487f39033622ff46cd95f838df2837d6a9e75

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2923
Keep-Alive: timeout=10, max=9995
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

webmail.optusnet.com.au/css/assets/fonts/markpro-bold/b36bd0abdbc7fa03aa4a74b044f01b41.ttf

104.84.152.187

200 OK

66 kB

URL HTTP/2
webmail.optusnet.com.au/css/assets/fonts/markpro-bold/b36bd0abdbc7fa03aa4a74b044f01b41.ttf
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Size
66 kB (66337 bytes)
Hash
0612e65313c05c690a2c75acd8b8a8a7
b4237c92117860d8782a06e55eb59612a514448e
c447635573c6e9562add915ebd964e98f042d421662893be857eff91c45963fd

HTTP Headers

GET /css/assets/fonts/markpro-bold/b36bd0abdbc7fa03aa4a74b044f01b41.ttf HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:01 GMT
etag: "3e07d2-24aa8-5b4e63cea0240"
accept-ranges: bytes
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=1CBF93416E1DE2773E3BA624DF5B84F7~000000000000000000000000000000~YAAQt5hUaEC+6++DAQAAeCun9xFiTpBq85TsruBInonYptcx2A95FJ/vRXcm1iqrog5U4i48Uejloh4G7gSQ9cHCR4JDCGKrNgS+32+CL7WxkiIEPnDlnAhfCOhv7UvJewGL6G15zLmbGZCFQfoIAc6SnDCvMaZj4B42mqwtGStO+rxuTzzPxIdkehoPxaaRo9RwR2kZUzE6jCYDjD+AbrwIQDvIawfYverzqe5rExtvyNHiFvfL2ZNasJam34G17lLRpQC3WiRIevLAqD8oNF0vvE/Qg+K9aihyLJFu3hvHvbF2Au4JzxXQHuNpMWF/Y6Bj2E3ke5VJW12x92N8cKAgnl4KIu4up72sXfIasYklWINQNaAHHfa6mSBXbN54RQqGNXCp0Xh1rX+p4X0=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

c.go-mpulse.net/api/config.json?key=PC6VM-4FQA5-8HDKN-MYG9N-T5BRS&d=ecocalor.michelettigroup.it&t=5554358&v=1.632.0&if=&sl=0&si=z9arzyjvtkn-rk2qxf&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=647240

23.38.200.138

200 OK

51 B

URL HTTP/1.1
c.go-mpulse.net/api/config.json?key=PC6VM-4FQA5-8HDKN-MYG9N-T5BRS&d=ecocalor.michelettigroup.it&t=5554358&v=1.632.0&if=&sl=0&si=z9arzyjvtkn-rk2qxf&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=647240
IP
23.38.200.138:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text
Size
51 B (51 bytes)
Hash
0c31809e4fd33a86721fb9b52fc97cb6
2c65ea77e432a8df5d43cf74564139a1830943c9
e5d7255215c2de4586458722f3bf16f0d4f2be286be48d45b2fdff258d434407

HTTP Headers

GET /api/config.json?key=PC6VM-4FQA5-8HDKN-MYG9N-T5BRS&d=ecocalor.michelettigroup.it&t=5554358&v=1.632.0&if=&sl=0&si=z9arzyjvtkn-rk2qxf&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=647240 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Thu, 20 Oct 2022 23:07:51 GMT
Connection: keep-alive
Content-Type: application/json

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2919 bytes)
Hash
e9a4b174df4b26e01b10d160925e005b
23dd9cc616d8a2b7a5275cf12c3dbe4ceb64e134
2dc77e4c0e883d9cd10dae2f1b50b84c9310faa6e562220f189a6a066035a4b8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2919
Keep-Alive: timeout=10, max=9994
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

webmail.optusnet.com.au/fonts/TradeGothicLTPro.woff

104.84.152.187

200 OK

24 kB

URL HTTP/2
webmail.optusnet.com.au/fonts/TradeGothicLTPro.woff
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, CFF, length 24000, version 2.0\012- data
Size
24 kB (24000 bytes)
Hash
a82ff9bc3d36880ef95c322c31465b76
b362b3bdbddffc032b271be74a596562b36fb4e6
0e295e739425866834aa396daa3334bc878c6f72da205fe317ecc3ff749d9f0e

HTTP Headers

GET /fonts/TradeGothicLTPro.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Mon, 07 Sep 2020 14:46:42 GMT
etag: "38075d-5dc0-5aeba4970a2b3"
accept-ranges: bytes
content-length: 24000
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=A1895EDD26EEA81AFF2BAC537464183A~000000000000000000000000000000~YAAQt5hUaEa+6++DAQAAGC2n9xGncb4q9qhpnoslIonpEOwES4zO0QVm2Y7uujTzpghC9Rhxf1+S3rhsjeEexGMcTXuq4Z9N5IpPjuTMct1MHOZ438fwKtXCangfKlKw7PWstxslRjuX1wCGQS2wTWREjXSdIzDXTOZXpVfvryQT5YIXDFBsEpM6Kyhp4Hbn33GUlJi2534uQ8FFV6MLAOh1SSwregVUsoEUwINSDyZTeqb32y82ZGsg5krOvV89XZ3Gc7LfGcKMDGUJIzf1QBRvewCicrwX0qSyVKWpWolGjzBf9gTBHH8G+JC/jYab4IfkFZ6rQvorjxbKu6QP4L2iftRoB2+AXOkdV2gxyHMsAOwKARHysThu1qS5StGulHVzZMzafwdqxfJJd28=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/MarkPro.woff

23.38.200.195

200 OK

89 kB

URL HTTP/2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/MarkPro.woff
IP
23.38.200.195:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, CFF, length 66548, version 7.504\012- data
Size
89 kB (89206 bytes)
Hash
42b95416cc7461159de6d4b82879d5b9
95f13168524a16ddd107dccf682b433debe4ac92
7f9a444b94772328d76ff762787e95b4ad12582fd5f4e690796ddf3d94790031

HTTP Headers

GET /opfiles/Shop/Consumer/Assets/AllFonts/MarkPro.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Apr 2016 05:01:15 GMT
etag: "a00cb9-103f4-52f6544bd1cc0"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=14797571
expires: Mon, 10 Apr 2023 05:34:02 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/akam/13/pixel_18ae682f

80.252.226.191

302 Found

0 B

URL HTTP/1.1
ecocalor.michelettigroup.it/akam/13/pixel_18ae682f
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /akam/13/pixel_18ae682f HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2670
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 23:07:51 GMT
Server: Apache
Vary: Host
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ecocalor.michelettigroup.it/wp-admin/install.php
Content-Length: 0
Keep-Alive: timeout=10, max=9993
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-medium.woff

23.38.200.195

200 OK

125 kB

URL HTTP/2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-medium.woff
IP
23.38.200.195:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, CFF, length 63644, version 7.504\012- data
Size
125 kB (125344 bytes)
Hash
ecb4204ec0c85cc6f28b7c4212a9ec3d
1220344ed454dfcbd1aea96563fda7dfc2a26e40
cfd8077706219799a7b8d457be4691de0492b56f682705b0c4657444e44e7c39

HTTP Headers

GET /opfiles/Shop/Consumer/Assets/AllFonts/markpro-medium.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 06 May 2016 02:33:43 GMT
etag: "a00cd1-f89c-5322349906fc0"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=4028131
expires: Tue, 06 Dec 2022 14:03:22 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

webmail.optusnet.com.au/css/assets/fonts/markpro/19a3ebc699884aecee079593432d97c3.ttf

104.84.152.187

200 OK

71 kB

URL HTTP/2
webmail.optusnet.com.au/css/assets/fonts/markpro/19a3ebc699884aecee079593432d97c3.ttf
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
data
Size
71 kB (70595 bytes)
Hash
16a0f17f4cee84808ca8b670815767e2
d1d4b232eb94297ee019d66c914debf1a80c7122
13fadf5f8c0932e64bdd360fdf7223344223fd7509a513f5b46c24d3406acda1

HTTP Headers

GET /css/assets/fonts/markpro/19a3ebc699884aecee079593432d97c3.ttf HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:43:59 GMT
etag: "3e07ca-24718-5b4e63ccb7dc0"
accept-ranges: bytes
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=8D7D9F32BDBE04F0FD8758B3F44631AD~000000000000000000000000000000~YAAQt5hUaEG+6++DAQAAeyun9xGhZ14sDPFDIAJBAW9+qFGIAxI5zFdmuU7oRdaT92lMn9QkmjxBDg6qb9Bpp2qBFSpm8rh28NfiF6TCK2kQOwX8QIRpI3j8m0rHjGNYBlfHZtThIF8VL/UOK4iK4xptpPcPG4aamfZfH1Ys18QP24kSjoBEvkaR+S5d41NNhc6d7vzSkn2ndb3rqr5ngI8ZOaxE4RN8Tpc72xdL0WJ+Jq+kJaOorcfsEP4kBLQSHBw6EW9K0X2TJnkv+9ZCEVsaFZT39wPzyMQ2zVPy/a55HXq4ixy2kuQ7Qjt/e9T7J42OV2v9iXF3NBfaWmx9yt7zyoc2zcBfMphsg326Ek54V9snkFcGXkjS5Hn3/Spv99iyu/DPZWoS8KLMvms=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

ecocalor.michelettigroup.it/wp-admin/install.php

80.252.226.191

200 OK

2.9 kB

URL HTTP/1.1
ecocalor.michelettigroup.it/wp-admin/install.php
IP
80.252.226.191:0
ASN
#21454 Easynet S.P.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Size
2.9 kB (2916 bytes)
Hash
4af6ffa3042984e1276e00e004dca30c
feb72d7280ae54cf9481c2723f4dc41740fe591f
44d4608dce462c8b42411af2a27e4f711f33d128a6f1faaa0b1b7a13c5c98b43

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/install.php HTTP/1.1
Host: ecocalor.michelettigroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ecocalor.michelettigroup.it/wp-includes/fonts/opt/
Connection: keep-alive
Cookie: _ga=GA1.2.71832969.1666307282; _gid=GA1.2.919567179.1666307282; _gat_optus=1; RT="z=1&dm=michelettigroup.it&si=z9arzyjvtkn&ss=l9hoc01n&sl=0&tt=0"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 23:07:52 GMT
Server: Apache
Vary: Host,Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=10, max=9992
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f4b1d3c4fdfbd28fa4afc92115bd9f9
365125fe68f668bae6f3c13ef21d92bb00783ebe
92ea3ab34acb6f2464ef06496365dd1a54767519d3429346849898739bf05bb5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f0b55633a85caa84bbab66d84cfeaefd
f26db3965219030d152064bc0893b6e2bfcb4957
6f74b2dc627a54e47e4f1ac97fae03d25e5557d2b7e6efd4856e929788e9f956

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:07:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22088848-3&cid=71832969.1666307282&jid=473857071&_u=aGBACEAAFAAAAC~&z=1189367336 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecocalor.michelettigroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:07:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f0b55633a85caa84bbab66d84cfeaefd
f26db3965219030d152064bc0893b6e2bfcb4957
6f74b2dc627a54e47e4f1ac97fae03d25e5557d2b7e6efd4856e929788e9f956

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 23:07:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-heavy.woff

23.38.200.195

200 OK

138 kB

URL HTTP/2
smb.optus.com.au/opfiles/Shop/Consumer/Assets/AllFonts/markpro-heavy.woff
IP
23.38.200.195:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, CFF, length 67808, version 7.504\012- data
Size
138 kB (137651 bytes)
Hash
10b53bc387545537691755c39b5221ef
08f55b7ecf0a58ee031fe15704d40415cf3982fa
309e9aea7fb3ae0211c35d44eedbd69e1b5dc233af7a028ac4b3297024201991

HTTP Headers

GET /opfiles/Shop/Consumer/Assets/AllFonts/markpro-heavy.woff HTTP/1.1
Host: smb.optus.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://smb.optus.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 06 May 2016 02:16:33 GMT
etag: "181e89-108e0-532230c2be240"
content-type: text/plain; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: max-age=4477114
expires: Sun, 11 Dec 2022 18:46:25 GMT
date: Thu, 20 Oct 2022 23:07:51 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 23:07:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 23:07:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8538
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 23:07:52 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8859 bytes)
Hash
9092a9add4d42e5bd0fd11c1459b5c69
4055fbef2d5d4e27a1d88ee293552f7742914390
b07359415e41671b4eb74c0d253d36f99bd2b40f6223bf4915bb11d2086af571

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8859
x-amzn-requestid: 8ecd9a22-fe28-487d-b01a-a818eb874d6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsQ9Es8oAMFiVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0d2-6cd9f84f1fe795e5758d2527;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:42:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fdnNzqN_Gw5Ysi3SdxOkqc2GfZwR3ORbXsjy64hkcxXhSWx8MpHaOw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:24 GMT
age: 4648
etag: "4055fbef2d5d4e27a1d88ee293552f7742914390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4786 bytes)
Hash
b772335d96ac97ec5b28623955fb026d
7a19bf011359ad768b05dd79cec66787d2dc59fd
c13e7384880ec6fe431f3627eb61529c7fdb934cf0b021b4586ff2dc1c2e1244

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4786
x-amzn-requestid: 263fe384-2385-48c4-b250-1708a3cdd710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKKFOYoAMF92Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-46dfbb85286685373b0b5e77;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xdusXhbeR0jyonK4NDRdcAGEDLLLJ5rL1X3u4seqIpfGaw4yIN5LEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
age: 4664
etag: "7a19bf011359ad768b05dd79cec66787d2dc59fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.3 kB (2305 bytes)
Hash
76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 10:13:37 GMT
age: 46455
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6551 bytes)
Hash
1c6ab9a31e082a0c0eaab2a0f526495a
c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a
ca3a602c8af7b3e87957e54910663ea2bb72d008e14719af0f9fd7bd1a949f3e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6551
x-amzn-requestid: 4deffe4d-e687-436e-938c-f8128bb84376
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_MG5QoAMFahg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fa-66d4e2210fda5a80155f2466;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5ilfg4GVL-HvWbuZrvFkZynDNCZDiBVNTDWjLdr2ZCLjH04NW3yqw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 07:30:12 GMT
age: 56260
etag: "c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11799 bytes)
Hash
92376b39b83dbbd4e18725ffe338a348
9a9fa707f507d0c9db15f422b29e1ea4baff5aff
5dca893e682d31f6ebbd01f2f587bb5374c0ccc23d81a99ccae38c02db86c166

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11799
x-amzn-requestid: 99c0ee76-b0c5-47fb-bb88-8f2041c14013
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-UF2mIAMFh4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-386fb3157e4b63af7899705b;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhRt-nFYnea2frKiWBGu6akrGHom67TzZU488Otjk40lEFMWpuaNWA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:49:07 GMT
age: 4725
etag: "9a9fa707f507d0c9db15f422b29e1ea4baff5aff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5748 bytes)
Hash
ef2bbeb80f3b5ed8230377024febf22a
542d0ec1eb9ed3805327a415606dfdaebc760650
b05e48b03380a0f57cafd7e78682cdf78b087de20a8af3f9e83b286c3df27e19

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5748
x-amzn-requestid: 43155cec-36ed-461c-80d8-4dd55a74f622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLHLgoAMFrpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5dc550c8214d049c6319189f;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hEjyTWJG-5hG2_dT0-lhuJ6LH846ls6-wLEXM-tfnXZQfmgP8ERdbw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
etag: "542d0ec1eb9ed3805327a415606dfdaebc760650"
content-type: image/jpeg
age: 4664
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

webmail.optusnet.com.au/css/assets/fonts/optus-icons/3b871fdce18529649ee34f0a03b9c4a7.woff

104.84.152.187

200 OK

0 B

URL HTTP/2
webmail.optusnet.com.au/css/assets/fonts/optus-icons/3b871fdce18529649ee34f0a03b9c4a7.woff
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/assets/fonts/optus-icons/3b871fdce18529649ee34f0a03b9c4a7.woff HTTP/1.1
Host: webmail.optusnet.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ecocalor.michelettigroup.it
Connection: keep-alive
Referer: https://webmail.optusnet.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Nov 2020 03:44:02 GMT
etag: "3e07de-20284-5b4e63cf94480"
accept-ranges: bytes
content-length: 131716
content-type: text/plain; charset=UTF-8
expires: Thu, 20 Oct 2022 23:07:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 23:07:51 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: ak_bmsc=E7330D4B2640AEF690C54D70BCC94837~000000000000000000000000000000~YAAQt5hUaDu+6++DAQAAXyun9xEiylWlUoLODZ/XD7Re03QtsqyXveBC03xc2iuOyqh2lvsFU4qCU9vadjLBQUGMIwJvs+QAWVSrjVY4WTdJ52X8dMcAObAMnh/g2JGYKA6sI/Tn2JcTWY1t5vgWJqmXi6sVB8LxNPIOoVWWddLGsPJGMO+3UIw82yy+lmd/lKRi3PanS+eRB9hGAUWN2KhSIaPAL2hv5ovdTnvQBxqVNCWWY+AlLjSV4TdGSHlp9k5meD8qmOHUElHpbSpIWNZh4BMTnYLrlvNkeJLFnwxGxWIoYiAeTubMYvO19/QG5tNJnxPxiUJCtb0xcaJ54d8Ogd/Ori8n17YziAjrpnYCDSnG1wXbyrvX3JkOKjzwmSD68v1qwNTaPXnzdeA=; Domain=.optusnet.com.au; Path=/; Expires=Fri, 21 Oct 2022 01:07:51 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations