r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14104
Expires: Wed, 25 Jan 2023 11:47:09 GMT
Date: Wed, 25 Jan 2023 07:52:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Wed, 25 Jan 2023 09:44:09 GMT
Date: Wed, 25 Jan 2023 07:52:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 07:42:47 GMT
content-type: application/json
age: 558
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2450
Expires: Wed, 25 Jan 2023 08:32:56 GMT
Date: Wed, 25 Jan 2023 07:52:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EBmnRIz0dQnMOPS3aJxEmUC5c7XvWcQZpeVwfAZcve8RxTgRbokkMY8VEcIGXtvS3WJCTUtvt3w=
x-amz-request-id: 40612G9YSM2T7AMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 07:19:35 GMT
age: 1951
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 07:52:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 07:48:59 GMT
age: 187
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20307
Expires: Wed, 25 Jan 2023 13:30:33 GMT
Date: Wed, 25 Jan 2023 07:52:06 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.228.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: THOin5z+yWyaXQHoRSrMkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hHWiFQkhBoTJidBIB/QA7SYWJyM=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10741
Expires: Wed, 25 Jan 2023 10:51:09 GMT
Date: Wed, 25 Jan 2023 07:52:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10741
Expires: Wed, 25 Jan 2023 10:51:09 GMT
Date: Wed, 25 Jan 2023 07:52:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10741
Expires: Wed, 25 Jan 2023 10:51:09 GMT
Date: Wed, 25 Jan 2023 07:52:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10741
Expires: Wed, 25 Jan 2023 10:51:09 GMT
Date: Wed, 25 Jan 2023 07:52:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03ba93e6c29fb268712e33228fa5ee38
2528a659d067ce39b31d5d8a0a9943e313a4caa6
2a3dfcbafd31bfc0cc653f9f43cfa98206334551b8ab76e9ab6d20338c8d6e1c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: dd368937-de20-4e2a-82e3-e82bc20a806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AtgGu3oAMFaoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-7efe789a5411c14a74ec327a;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MDBCOwO8k543vmWo7ROvYyqyzju9iJIyGZvMpzHv7VqIoats0p3Nxg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 10:10:42 GMT
age: 78086
etag: "2528a659d067ce39b31d5d8a0a9943e313a4caa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13891ffe8a0cc240be63b7945e4b7688
958b50e9e7e5e02882d55612a5d6d2402e225390
1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:16:15 GMT
age: 16553
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a73392615d623dc852bdab43c9f133
3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4
edc11bdc8b40a513dc62b32f7eff0ba1f80db27208bd80bd16235da3c369157b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5732
x-amzn-requestid: 779904e5-f2c8-4d10-a3bf-0ed43b9ca019
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULOFf3oAMFfUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a47-22f5fe110d67b7d8215368d4;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kYNlMFpl4zmNWdYW1WatxKIqjZw4lWONAX0uXKBi0mfwzND1kTeLOg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 13:55:37 GMT
age: 64591
etag: "3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2972ed07-7fe0-4c0a-99f8-993c3f6e55c2.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2972ed07-7fe0-4c0a-99f8-993c3f6e55c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a625c16030b935ba09ec63cb2d6e1525
1a1ebddb1ee9cf3c2445d29a85127134a0a5db01
ab6dd4aec486677bd68826e4f01dd36b005d46d521611dc271406a57a64ac615
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2972ed07-7fe0-4c0a-99f8-993c3f6e55c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4831
x-amzn-requestid: 585cf8dd-27e2-4f57-964c-9f5c5975cd30
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKmd9Gh8oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdb78c-474af4932439a7b75e55031b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:24:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0eET1YmQZzrOOhm_z29dbcFRLkupqzuzv3EHSsVMHzu_yqxZfsqcog==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 10:50:42 GMT
age: 75686
etag: "1a1ebddb1ee9cf3c2445d29a85127134a0a5db01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: df7df0ae-d70e-4b80-9483-2ecd5c8ee4a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqvPEXMoAMF5Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57fa-04193e0514c1c1e85d9d023b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fznabMNG3n9Uo4L1jrrewtL_hJnQv8oR2qggeZtruvOLVzpUpcs7Tw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:28:51 GMT
age: 15797
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fa8338e574e2b8272ad3ca7cd9d1d63
298cafecdcac99de25fe5c2c4c993487f73ced6b
f75c20ebc4c0db2df40d958337cd87768714bdf53a48609ad0f97b7129b0b100
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6715
x-amzn-requestid: c808c9d9-bbbb-43ff-ab15-33074a760093
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BO5En_oAMFTzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648c5-67151eb46f5a10b0732fbd09;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0pvebF903zoRPgzBK2gxMlcYQTurylOzzCfOO07hYCG5aD7wX_fl9g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 19:26:10 GMT
age: 44758
etag: "298cafecdcac99de25fe5c2c4c993487f73ced6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pp2.it.45-142-122-112.cprapid.com/PP2/
45.142.122.112200 OK 30 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 0030f6836ce07235b484941a1bcd53b6
fbf13b6ec95c566ecbf01b3eb9e8df7e503e6b09
3c7a5bbd7079fd2a3eec33ea828a783d301c76ff5231fb368405adf35dc260b1
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
quad9 Sinkholed
GET /PP2/ HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:06 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=167463312820; expires=Sat, 22-Jan-2033 07:52:08 GMT; Max-Age=315360000
COOKIE_KEY=167463312865; expires=Sat, 22-Jan-2033 07:52:08 GMT; Max-Age=315360000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
45.142.122.112200 OK 416 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash a00dda3f91b12b16ef9736f89c1d5042
0ad4a038ed350f7a4bbb738849f876eeced6c1d3
0da7a1b970b5c8e4c5f781761450c034462288a375d5c189f7e90027207f3524
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/base.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 416
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/owl.carousel.css
45.142.122.112200 OK 4.6 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/owl.carousel.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash b51416af9e8adbe3d16f5f2526aba221
097c8d67412f44534449ed4cadc6dd22b025801d
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/owl.carousel.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 4614
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js
23.38.200.237200 OK 67 kB URL HTTP/2 assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32762)
Hash 6718be2aa951f2087607e504ca009399
8079a6d0723ad4094601bfa9d43c008cbdd52c59
b43d95110f3ddde377cdcce689547ed9e1c75b41f7265dadfc5f6cde1ef20b68
GET /launch-EN592261e36dc14b10a9936e854a4b30db.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a8748c1a3dc6086fb36b7406d543d2b5:1672761833.817218"
last-modified: Tue, 03 Jan 2023 16:03:53 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Wed, 25 Jan 2023 08:52:09 GMT
date: Wed, 25 Jan 2023 07:52:09 GMT
content-length: 66985
access-control-allow-origin: http://pp2.it.45-142-122-112.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
waust.at/d.js
104.26.4.7200 OK 7.6 kB IP 104.26.4.7:0
File type ASCII text, with very long lines (14706), with no line terminators
Hash e23c073a2e43c9ae75c8f1663778db21
c04fe83eb4953920b1fe567f54e44e5ca5a15777
9c896e04f689d594d35c2d0319598ccbf9e618296bdd63e5d4063a7702d0230b
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 12 Jan 2023 17:19:48 GMT
etag: W/"63c04134-3972"
expires: Thu, 26 Jan 2023 07:45:41 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 388
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lMMGRUpz5r4u1g%2F2j6deQhlRkKHwW3miLgwCO3uP%2F%2F%2F%2BvFWkowFQ6kM0QAGNSSaG71yrKXuNzBi5B5MSfEVM%2F430o6XvNRkmE%2F9lnKiO8XiflwiHjgd5Zj6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ef6d81ac80b51e-OSL
alt-svc: h2=":443"; ma=60
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/utilita.js
45.142.122.112200 OK 14 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/utilita.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (534)
Hash 15e270138da3a46ed6a82f192fa0cf5c
86f7a03b47e1d63a8b5aecdb15be546aa7ec057a
ca9c7a3760bf9bf10d8386938fdce15b4327a4158bd836a446c2d4af3aa2d88d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/utilita.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 13994
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/poste-it.js
45.142.122.112200 OK 5.6 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/poste-it.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (326)
Hash 11ed8d787ab28bb7faad321627cbf050
a82e0d6e34c4c166a1d0eb05907cbca2db830886
ee466faaa33a9e0c8786659f3a54c09fb056815dac6059867937a31797fa7929
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/poste-it.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 5588
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/retina.css
45.142.122.112200 OK 115 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/retina.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash ee5d2b27eb8a486f46909f007cd2c3bc
f1b58d02621607b7cbe1c775a5c04572fd2859ce
63ae9fac5779ea8db4b2bf9adebfb54f5651b105e4a935b3f4c42308e3ab8557
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/retina.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 115
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png
13.107.237.53200 OK 5.0 kB URL HTTP/2 www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 110 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e9962a2babbe39b3725e2a13d7b233d
e67105271b1076016a630071a3a231e0084e96ed
ccb7ecb1eadb470600c66ed9548f5dd49cfbbbd67eb34f9d4437eeec55c69212
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 4959
content-type: image/png
expires: Wed, 25 Jan 2023 08:52:09 GMT
last-modified: Wed, 21 Dec 2022 14:55:14 GMT
accept-ranges: bytes
etag: "63a31e52-135f"
x-cache: CONFIG_NOCACHE
x-azure-ref: 0qd/QYwAAAAB0BEaVmMoIQIgGZxoQV756Q1BIMzBFREdFMDQxMgBiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Wed, 25 Jan 2023 07:52:08 GMT
X-Firefox-Spdy: h2
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/jquery.min.js
45.142.122.112200 OK 97 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/jquery.min.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/jquery.min.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 97163
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/scroll-pi.js
45.142.122.112200 OK 7.5 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/scroll-pi.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash 1019dc04b5f21a58f899ef6a5c0391d3
b39e7c8581a6b06a46911b64dbd1e81472971b62
e40c7597c5edee3bddede5398bfa7a3a25acd5e081138da68da133eb4ea8b822
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/scroll-pi.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 7538
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/megamenu-pi.js
45.142.122.112200 OK 14 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/megamenu-pi.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash 250bfa1bdb9cc3ed6b8a48a5f2281784
092938daea2f1352513f18a21e27d4a9860bc31f
c5d5b2ba0288caa7178d3999dd5478ab6c9d2f6528ee421fa0af724cb8c94035
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/megamenu-pi.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 14476
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/megamenu-pi.css
45.142.122.112200 OK 26 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/megamenu-pi.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash 91a45dd5d6409bb0a5db3104a2f6c543
933b6e5b6acac709ff1e36d52135bf819df48507
89c0e53575ae03072f5b2a9d587c1611bad7a22090382318c391756dcf6e812c
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/megamenu-pi.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 26357
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.poste.it/bowser.js
13.107.237.53200 OK 17 kB IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 971b649748eb819a7f4c8cdc4805376c
f520540daa055e999dd6599e6e7e9f977899a8f6
61e2728bce5b153ccca7fd7ffe0a98a29dbfb0218300a39dd0cf0535635683f2
GET /bowser.js HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 16647
content-type: application/javascript
expires: Wed, 25 Jan 2023 08:52:09 GMT
last-modified: Wed, 20 Oct 2021 13:58:32 GMT
accept-ranges: bytes
etag: "61702088-4107"
x-cache: CONFIG_NOCACHE
x-azure-ref: 0qd/QYwAAAABbioJ48W/AQaJSJ29UPUecQ1BIMzBFREdFMDQxMgBiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Wed, 25 Jan 2023 07:52:09 GMT
X-Firefox-Spdy: h2
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/bootstrap/css/bootstrap.min.css
45.142.122.112200 OK 122 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/bootstrap/css/bootstrap.min.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (64985)
Size 122 kB (122291 bytes)
Hash 6181a38a601eb664522623bae7db95c9
9671b5fc92e27a915769b59bc60bf26fde343d7e
8b922a249c9f81562d99eee24407bf38c7feac74a10dfe712292c0b032144dfa
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 122291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js
45.142.122.112200 OK 7.8 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (7687)
Hash 74ee4c679b03074b55a1da9bbbe29cf5
745701d8ab39733f989313a5747c54cf3248eb5b
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 7784
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js
45.142.122.112200 OK 8.9 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type exported SGML document, ASCII text, with very long lines (8423)
Hash 0cef027039bf8251fa53f22336981780
02f550f2117d54683191a964e0b54f3c253bb1b3
ce237a2bc80dd06901d9d66d3d6fd1a634157389d2daeabb377caab879ce3a02
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 8885
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/slick.min.js
45.142.122.112200 OK 42 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/slick.min.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (32076)
Hash 14c2e83236ae603c42164f30103634c6
1b2bad348d7fb92022c2218882242ee6223b46b6
6fa18ab0db86897ea250d65eda6233b1533fdf7f94c9d44a6af2ee16af8242ab
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/slick.min.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 41953
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js
45.142.122.112200 OK 6.8 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (338)
Hash 0db4764d4e4e66899267d79703fe99ce
816c19ddfe3088858714d0ba55a646f5df09321a
aa3b054914a360287080d0bf7946f5fc59aab7ed99e2299ba2fc94c16f29f075
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 6831
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js
45.142.122.112200 OK 3.0 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash 9aa07ea97efef38c156c5065ec6b040e
3d25ced0d2bbac415a0f583f54bc270b7b051a45
9bdd42402354335825af6f1b45bb83f645c16199d4bc7ee5f428efb3dbfef811
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 2983
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/posteID/x-jod-poste-id.js
45.142.122.112200 OK 3.8 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/posteID/x-jod-poste-id.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with CRLF line terminators
Hash fec7eb85618cb63c3fb5b3efee61d2b2
9c120ed394fa9ddf75062361fc00c073d3ace5aa
12359170db0ece19b214a4f15092e82199ca7b179bc8ef4ffa722918f4623b46
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/jod-fcc/posteID/x-jod-poste-id.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 3812
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-rsa-2/hashtable.js
45.142.122.112200 OK 14 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-rsa-2/hashtable.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with CRLF line terminators
Hash f47c9a2aad50eddc384597280522f86a
73500eb3a7b9c96d0b6f075bc7a742dfe014a2a1
138143108101149f64bcda5fe38cdd2f3f2139cc957b45949e71fac33ea94482
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/jod-fcc/resources/portal/js-rsa-2/hashtable.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 14081
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js
45.142.122.112200 OK 2.9 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (597), with CRLF line terminators
Hash 03aea05809bf32353408cb78cdf40f08
5bfe199b18c64b584d8bc98308c769c8e32b331a
9b8d058f857c6ca7f7d4c0ef2e800c6884d6a89bb52cb294774505d1d3c7283b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 2915
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-rsa-2/rsa.js
45.142.122.112200 OK 39 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-rsa-2/rsa.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (2059), with CRLF line terminators
Hash 5791e2f173300646df45d5698867dc27
b28280fcfccd6891e88d912834062ee18e9f7333
a8e90848cdc80b7134da128a50574ec9f913f947ce72a769d392177eb8647377
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/jod-fcc/resources/portal/js-rsa-2/rsa.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 39372
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/start-script.js
45.142.122.112200 OK 23 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/javascript/start-script.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type Unicode text, UTF-8 text, with very long lines (306)
Hash ed56f6a18269e8a0626db5de25f3f657
c850fa6c06893edb1926db33bf7d13971f6e2ad5
4d43fc9cc16f5907f1a85777ae1e40d4e520a10302c424c505325723b64ea160
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/javascript/start-script.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 22866
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-polling/jdpolling.js
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-polling/jdpolling.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/bootstrap/js/bootstrap.js
45.142.122.112200 OK 69 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/bootstrap/js/bootstrap.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash e3676b6eb90f0f6739c89d56a3efa245
83188f24cfbd8e33b69b23139202c0cf2f390063
31d80f65a2c078aa3ca5051504f29d8986df61f04bc998036527374eef1c286b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/bootstrap/js/bootstrap.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 69214
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js
45.142.122.112200 OK 694 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash b5a0dd7ce1f7c1c6b80b5abe13308dd2
6cc4835430ac4ba8845fd02efdb5688166a5ed8a
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 694
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css
45.142.122.112200 OK 18 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type ASCII text, with very long lines (376)
Hash eb65c2ea5d0082591243aee8425d4eff
a5adf6ce96c015f865a93d54b930cdfd5c6c669a
2213c377877c722511173afad5794c4ca2fce629c79d26a4df200fc4ab3f06f3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 18280
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/typography.css
45.142.122.112200 OK 5.1 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/typography.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type assembler source, ASCII text
Hash 9bc1f2ccabef97230a29e52bb7d71e2e
c2cc92960a2674ffa0c8d32b2133e596b3613630
2a96cd832563fdde56f4c71a663dd68bd9202eeed6a4c2c525e3275e4e68be06
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/typography.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 5123
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/spaces.css
45.142.122.112200 OK 30 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/spaces.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash a0339ef2039b90034b16e341e508b5e8
dab67a84e5a8228a6f9ed90f05b8a7b983912b3c
9fb634a5bbfbee4fc2503595fa18a98142ca8cf0bb29984d065edfeef0006bdd
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/spaces.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 29954
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/fonts.css
45.142.122.112200 OK 4.5 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/fonts.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash c26ff7c37210341d690599a8a2310737
3127758f8fcf89472099f6963b90464cbe3b01b9
f4e596fd7ef88f965cc4df8dd6895f65cbdb0d2f49e58bfc5c4832675318ddc0
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/fonts.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 4511
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/alignment.css
45.142.122.112200 OK 2.7 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/alignment.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type assembler source, ASCII text
Hash 2b774691bee7183287e841ed3287c1c1
bb03284b1ee77d718adee2286f8ce20e42f0e9c6
8d4821ff1de6348bb012672849a8205eb9833edde9b1e417f2fa5365261c08bf
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/alignment.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/extra.css
45.142.122.112200 OK 5.0 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/extra.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Hash 6845e4602367a2454bf3a8aa15d014a6
841e011124cb8f568f3c2d8bfcb3013ea6f042fd
dc4a581b65b22475fbb99580954525d488986dc35b37b19310d30a0598a32fde
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/extra.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:09 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 4991
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base-element.css
45.142.122.112200 OK 214 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base-element.css
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
Size 214 kB (213450 bytes)
Hash f938de6880813c3c7b2a30b28a6c0da8
19d93950a34345d83dfc8096214d6082c2d6706a
1f615511776a12840fb4cccea90ef49bc3c6bc0d430932bd6f219e82e13c025b
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/base-element.css HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 213450
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32717)
Hash 9edbefe8919a34cc9ec5343e49caf90d
9e8f2b92a35df8e01814e558d10248a928ea2504
c276e66ee697edfb8fbe70a13d6cb8498b21fb998d10d6faaf3999f34f5525cc
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12384
expires: Wed, 25 Jan 2023 08:52:10 GMT
date: Wed, 25 Jan 2023 07:52:10 GMT
cache-control: no-cache
access-control-allow-origin: http://pp2.it.45-142-122-112.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3138)
Hash dbb5211703cf7696d634360cc8874fa7
9231e7ebe8096b629c9ac522e41f8c2a8013db99
535a218392da01549f9fd640908f59c213e809c2db778c36094e3a84959106df
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1598
expires: Wed, 25 Jan 2023 08:52:10 GMT
date: Wed, 25 Jan 2023 07:52:10 GMT
cache-control: no-cache
access-control-allow-origin: http://pp2.it.45-142-122-112.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
pp2.it.45-142-122-112.cprapid.com/PP2/.jod-fcc/qrr.png
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/.jod-fcc/qrr.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/.jod-fcc/qrr.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/ico-pp.png
45.142.122.112200 OK 3.0 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/ico-pp.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type PNG image data, 45 x 44, 8-bit/color RGB, non-interlaced\012- data
Hash b58f05ef3e25628af63aca1f633afef2
ed29c9437597aed2c13291305a262d03684d8910
068347897472440f46e706b2d61c77ec861e2facb34b567e2e2c851ae1bc4dea
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt_ext/icone/ico-pp.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 2957
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/empty-profile.png
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/empty-profile.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/ico-bp.png
45.142.122.112200 OK 3.5 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/ico-bp.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type PNG image data, 45 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d96bc9b08477815ed8655ced98af0ac
04b6fa972775456746a7cfeba72f3878cf904183
d7f9c88c4f19de13e5ef1040c08cd72970808301de221e2ea7acfc71bf802cc1
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt_ext/icone/ico-bp.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 3511
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/small-modal-ico-bp-pp.png
45.142.122.112200 OK 13 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/small-modal-ico-bp-pp.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type PNG image data, 132 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash 22e37aed1a37a4d10a2c011e969a1337
05d054f563899fffd3ffd4f5cba486c5273d17d9
d4a66d846de1a39c49b3d03f1c4c4d21cd9f5436f362b7a72fd2eb773f6cfaca
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt_ext/icone/small-modal-ico-bp-pp.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 12995
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-polling/jdpolling.js
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/jod-fcc/resources/portal/js-polling/jdpolling.js
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCce78d2ba79364101b982bf481cca240c-source.min.js
23.38.200.237200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCce78d2ba79364101b982bf481cca240c-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3366)
Hash 7e6264ecc75f3523299c0c87e37142d6
f1ce41e1309db63d9193a6c470cb23937c12911d
6237aae5a11faff19cfbc09cbc47cab5b61014e465c9259a5246c6e42f3ba246
GET /4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCce78d2ba79364101b982bf481cca240c-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "157831d66f312d49aa942950fc941437:1672761834.591696"
last-modified: Tue, 03 Jan 2023 16:03:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Wed, 25 Jan 2023 08:52:10 GMT
date: Wed, 25 Jan 2023 07:52:10 GMT
content-length: 1104
access-control-allow-origin: http://pp2.it.45-142-122-112.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCace12870bc974581b26b193857913875-source.min.js
23.38.200.237200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCace12870bc974581b26b193857913875-source.min.js
IP 23.38.200.237:0
File type HTML document, ASCII text, with very long lines (3225)
Hash 1791176d104c8c0e300eb1a4c5b06bb3
3aeb7fe2c23bf280c2289f13c4372267b651f0e2
cfba455d8f73debc9c5594beaaaebe4fa4ee10216ac9a50757968de9e47a47f3
GET /4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCace12870bc974581b26b193857913875-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "157831d66f312d49aa942950fc941437:1672761834.591696"
last-modified: Tue, 03 Jan 2023 16:03:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Wed, 25 Jan 2023 08:52:10 GMT
date: Wed, 25 Jan 2023 07:52:10 GMT
content-length: 1073
access-control-allow-origin: http://pp2.it.45-142-122-112.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js
23.38.200.237200 OK 1.2 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (2795)
Hash 7ab934797af682d79b4053afb8e791b5
b8eebb3755b6c7f539169f770a713e114ef5a1e7
9b5c69a34cc80d2b39456ec2425de36cde7e8e8d2c16b94338c562188da996e9
GET /4d622ce80bd2/66013fe91d66/9f1c66cb2727/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "157831d66f312d49aa942950fc941437:1672761834.591696"
last-modified: Tue, 03 Jan 2023 16:03:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Wed, 25 Jan 2023 08:52:10 GMT
date: Wed, 25 Jan 2023 07:52:10 GMT
content-length: 1210
access-control-allow-origin: http://pp2.it.45-142-122-112.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/base-element.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/immagini/eye.png
45.142.122.112200 OK 645 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/applicazioni/trasversali/immagini/eye.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dfd11f759177ca66df6bfb649fa131c
8151b051d99d5988a9761adcc40089bfb20f5576
5931ba755c44c364f074f95a904536fb4076da4e44c811a1934c5fff735c39c4
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/applicazioni/trasversali/immagini/eye.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 645
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/bg-qrcode.png
45.142.122.112200 OK 5.3 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/bg-qrcode.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type PNG image data, 624 x 210, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ed242012ee510aca41b30408eb02cc7
957fd32bcb5bc79b1f6e7795e2c6a6444dc462f0
bf6bcbcf84ff0f18c4110fa868c29ff14aef2458be49afd0ffe37e5f9cd74950
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt_ext/icone/bg-qrcode.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 5348
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/empty-profile.png
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt_ext/icone/empty-profile.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/.jod-fcc/qrr.png
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/.jod-fcc/qrr.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/.jod-fcc/qrr.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff
45.142.122.112200 OK 32 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type Web Open Font Format, TrueType, length 32412, version 1.0\012- data
Hash e49b4a99e99a162382c9135468cdff61
6fe7b52d7195d20e9d8ad05d4068dd87ddaeff76
0fa4aee030662ed700dc5cb2e13e52b85fb1254a195d9ab0a1a10d79e645c8f8
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 32412
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
45.142.122.112200 OK 34 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Hash 442d51dab3205cf4c81de67e4bafdbda
52726f8f87116bd1fd03e9d99c0bb22afd168937
ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 33869
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png
45.142.122.112200 OK 7.3 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type PNG image data, 388 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f334889f79c8a60aca123b6f0e77cd6
b24faf71ad0f3fdb6228e8c101190aafa12b9216
f73f55b1729c6267bf5137b3de7a4e3a842780a87d7a918e878ff63437bb6a87
Analyzer Verdict Alert quad9 Sinkholed
GET /PP2/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 7296
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff
45.142.122.112200 OK 33 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type Web Open Font Format, TrueType, length 32756, version 1.0\012- data
Hash ddcb123ab58089ce07fa2d0e767decc4
b6bdcb18d6e6c3a28a40a041324001c794375c85
98a9f23066501d2b1676f72a2feb355caa114d4dffce7bae927083af92ccd6c9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 32756
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff
45.142.122.112200 OK 32 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 32376
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff
pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff
45.142.122.112200 OK 32 kB URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type Web Open Font Format, TrueType, length 31976, version 1.0\012- data
Hash dcdd69e7910e57b0adc381e0fcf93e3e
21fd668706b3cd97f1b5df0c61ac4b05ab0bdf29
e3e914fafd966522cc6e0db2355a72202ece3052e768b0e34d05bdc4d26bf489
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /PP2/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: COOKIE_KEY=167463312865
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Last-Modified: Thu, 28 Apr 2022 12:21:22 GMT
Accept-Ranges: bytes
Content-Length: 31976
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b1ef92b57345673cdbda29eea1bfbd8a
7bb5a59eea04731dea8b6373f1da824457ef5769
adac3cd09031934a3ee55b2cbeb8bd7807abef48c8998209b34d894178ff6f10
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 29 Jan 2023 06:34:07 GMT
ETag: "7bb5a59eea04731dea8b6373f1da824457ef5769"
Last-Modified: Wed, 25 Jan 2023 06:34:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ef6d8d7ecbb51b-OSL
widget.poste.it/js/custom.js
62.241.5.94200 OK 31 kB URL HTTP/1.1 widget.poste.it/js/custom.js
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type HTML document, Unicode text, UTF-8 text, with very long lines (306)
Hash e84988c180eec87621660bfd18da9af3
043326fe6385ac741d5c44f765dbe5bc9490d83d
05f5bac65a4da7b2658711f9ca44cfa9d17311287dad65f928c0922b4b8f16c2
GET /js/custom.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:05 GMT
ETag: "7808-5ee8af14ff540"
Accept-Ranges: bytes
Content-Length: 30728
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=11
Connection: Keep-Alive
Content-Type: application/javascript
widget.poste.it/json/widgetLabels.json
62.241.5.94200 OK 7.1 kB URL HTTP/1.1 widget.poste.it/json/widgetLabels.json
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash f6bcc872c62240d4339b14acdb952341
2a14c8c5c5513ba23351a67ae1a6f23f95626a23
5dee78278049e1a73e771b2ea7b4d3cbf89f71a2e6c535e07e45ff392cb89fa4
POST /json/widgetLabels.json HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pp2.it.45-142-122-112.cprapid.com
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1bd5-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 7125
Access-Control-Allow-Origin: http://pp2.it.45-142-122-112.cprapid.com
Keep-Alive: timeout=278, max=28
Connection: Keep-Alive
Content-Type: application/json
t.dtscout.com/pv/?_a=v&_h=pp2.it.45-142-122-112.cprapid.com&_ss=5chddctnal&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2atw&_cb=_dtspv.c
141.101.120.11200 OK 54 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=pp2.it.45-142-122-112.cprapid.com&_ss=5chddctnal&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2atw&_cb=_dtspv.c
IP 141.101.120.11:0
File type ASCII text, with no line terminators
Hash eb8307a031b6da5c94e4d3dd0caf13a1
dc024aca3e3fab98e4e37c2ca6ba6394eb28b97f
8f1d049085b290426c0c319ac5388ede6556e702f842b3a1b0db9cff33dbb2d8
GET /pv/?_a=v&_h=pp2.it.45-142-122-112.cprapid.com&_ss=5chddctnal&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2atw&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Cookie: m=1; oa=1; df=1674633131
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 07:52:11 GMT
content-type: application/javascript
x-t: 0.133
x-c: 0
expires: Wed, 25 Jan 2023 07:52:10 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkAUcv3RN4q3HaFwWXYRnQo%2FGx2LsS%2F42H3Bf613nFET1aAsm0seRw1hNTqklfNyHKFuZhFT2Z6FOjriC9RVoNVqq6Y6OOIKH%2FAAy2QLowlhOSV6idJoZ8nQ5sJTF7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ef6d8e9b9909b0-ARN
content-encoding: br
X-Firefox-Spdy: h2
pp2.it.45-142-122-112.cprapid.com/favicon.ico
45.142.122.112404 Not Found 315 B URL HTTP/1.1 pp2.it.45-142-122-112.cprapid.com/favicon.ico
IP 45.142.122.112:0
ASN #210644 AEZA GROUP Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: pp2.it.45-142-122-112.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/PP2/
Cookie: s_fid=70DC937AB4E31107-348D006005722FFD; s_cc=true
HTTP/1.1 404 Not Found
Date: Wed, 25 Jan 2023 07:52:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s85395209732419?AQB=1&pccr=true&ndh=1&pf=1&t=25%2F0%2F2023%207%3A52%3A9%203%200&fid=70DC937AB4E31107-348D006005722FFD&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&c2=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v2=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v32=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1
15.236.125.10200 OK 43 B URL HTTP/1.1 posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s85395209732419?AQB=1&pccr=true&ndh=1&pf=1&t=25%2F0%2F2023%207%3A52%3A9%203%200&fid=70DC937AB4E31107-348D006005722FFD&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&c2=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v2=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v32=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1
IP 15.236.125.10:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s85395209732419?AQB=1&pccr=true&ndh=1&pf=1&t=25%2F0%2F2023%207%3A52%3A9%203%200&fid=70DC937AB4E31107-348D006005722FFD&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&c2=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v2=pp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v32=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 HTTP/1.1
Host: posteitalianespa.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Wed, 25 Jan 2023 07:52:11 GMT
expires: Tue, 24 Jan 2023 07:52:11 GMT
last-modified: Thu, 26 Jan 2023 07:52:11 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_oplkzx7Eoo1pizmx7Ess1oplkz1vkx7Esvx7Eqz=[CS]v4|70DC937AB4E31107-348D006005722FFD|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Fri, 24 Jan 2025 07:52:52 GMT; SameSite=None;
etag: 3596247266300559360-4619680110337595400
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
whos.amung.us/pingjs/?k=c6hn8dsrid&t=Accedi%20o%20Registrati&c=d&x=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&y=&a=0&v=27&r=6494
172.67.8.141200 OK 49 B URL HTTP/1.1 whos.amung.us/pingjs/?k=c6hn8dsrid&t=Accedi%20o%20Registrati&c=d&x=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&y=&a=0&v=27&r=6494
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash f50062daa3814ff4eb4532663f6bbc87
d114021790d0bd06beebb46a96fa6bbc5787e172
b65623459a521578d64be3cdfab20efabe4eb0bb6881a625c01e81883476909c
GET /pingjs/?k=c6hn8dsrid&t=Accedi%20o%20Registrati&c=d&x=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&y=&a=0&v=27&r=6494 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ef6d90f88cb515-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6a54734c0c08d9d7be0b854e6e8c67c2
845bff143dd35ff421a773b6a718e3f23a61fd0f
4e3efb152199735871fa3c94125f006618689caad9579c24c5c5ea4b04c45481
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 09:46:08 GMT
Expires: Sun, 29 Jan 2023 09:46:07 GMT
Etag: "845bff143dd35ff421a773b6a718e3f23a61fd0f"
Cache-Control: max-age=351834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ef6d931952b4fd-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 480a84860b5a64f7d266b7fa095c70a3
e4409d282dc6da24e38b759bf00be0dec31b8581
ae7169c9a001e909bf63fa5828d66ed267b951b14a7f967682fc08c1c6e5e229
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 11:33:39 GMT
Expires: Sun, 29 Jan 2023 11:33:38 GMT
Etag: "e4409d282dc6da24e38b759bf00be0dec31b8581"
Cache-Control: max-age=358285,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ef6d93db06b4fa-OSL
api.ipify.org/
64.185.227.155200 OK 12 B IP 64.185.227.155:0
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET / HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pp2.it.45-142-122-112.cprapid.com
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: *
content-type: text/plain
date: Wed, 25 Jan 2023 07:52:12 GMT
vary: Origin
content-length: 12
X-Firefox-Spdy: h2
widget.poste.it/fonts/Texta-Black.woff
62.241.5.94200 OK 33 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Black.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 33140, version 1.0\012- data
Hash bb38c2004fb8284b41ab208428f57e57
eede479ce3535e6dd33934e677de0b7224ce31c4
3d4a9402bef6028217f3f4279e7f6c4bb9af9bfce7786eac52d3a5d0065a27af
POST /fonts/Texta-Black.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pp2.it.45-142-122-112.cprapid.com
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:12 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "8174-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 33140
Access-Control-Allow-Origin: http://pp2.it.45-142-122-112.cprapid.com
Keep-Alive: timeout=278, max=71
Connection: Keep-Alive
Content-Type: application/font-woff
widget.poste.it/fonts/Texta-LightItalic.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-LightItalic.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32084, version 1.0\012- data
Hash 50ff911beaeaea06a186cbe72898ea42
610aa069b2987d6fbbf46c456f177ced1aa49a57
91509bd0e2ed20655b4cbbf585f5587a1a1cc282291dd56d7821881699757971
POST /fonts/Texta-LightItalic.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pp2.it.45-142-122-112.cprapid.com
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:12 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7d54-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32084
Access-Control-Allow-Origin: http://pp2.it.45-142-122-112.cprapid.com
Keep-Alive: timeout=278, max=10
Connection: Keep-Alive
Content-Type: application/font-woff
ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&t=Accedi%20o%20Registrati
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&t=Accedi%20o%20Registrati
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 07:52:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&t=Accedi%20o%20Registrati
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&t=Accedi%20o%20Registrati
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 07:52:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!c6hn8dsrid&dn=TC&cc=1&r=&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
67.202.105.34200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!c6hn8dsrid&dn=TC&cc=1&r=&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
IP 67.202.105.34:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!c6hn8dsrid&dn=TC&cc=1&r=&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 26 Jan 2023 07:52:13 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 25 Jan 2023 07:52:12 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 07:52:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 07:52:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
widget.poste.it/fonts/Texta-Regular.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Regular.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
POST /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pp2.it.45-142-122-112.cprapid.com
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:12 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: http://pp2.it.45-142-122-112.cprapid.com
Keep-Alive: timeout=278, max=8
Connection: Keep-Alive
Content-Type: application/font-woff
ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!c6hn8dsrid&lm=0&ts=1674633130516&dn=TC&iso=0&pu=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 07:52:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
widget.poste.it/css/chat_custom.css
62.241.5.94200 OK 1.8 kB URL HTTP/1.1 widget.poste.it/css/chat_custom.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with CRLF line terminators
Hash b5630f2b6ef609755051582891d6f95f
ff9df70fc8ca0653c0fade1e7e062813785d5cec
0c4b8459c2b949886ae64971a9d3f2555b680dd1c1fa36a0b42dbca2a21bd053
GET /css/chat_custom.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:13 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:03 GMT
ETag: "715-5ee8af13170c0"
Accept-Ranges: bytes
Content-Length: 1813
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=37
Connection: Keep-Alive
Content-Type: text/css
widget.poste.it/css/chat_common.css
62.241.5.94200 OK 12 kB URL HTTP/1.1 widget.poste.it/css/chat_common.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with CRLF line terminators
Hash 76f9060cb105221022b473277418b467
e2bfcc835a6c8bcf4ceb9e1da7b731591cf6b723
b6343a0f5e0b6b1955a69ca6fb1ef749bbeb18c633e08cff39689d773a0fa53f
GET /css/chat_common.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:13 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "2cfc-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 11516
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=35
Connection: Keep-Alive
Content-Type: text/css
widget.poste.it/css/widgets.min.css
62.241.5.94200 OK 118 kB URL HTTP/1.1 widget.poste.it/css/widgets.min.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with very long lines (64898), with CRLF line terminators
Size 118 kB (118490 bytes)
Hash 8a02a55585ef2630988a32645ce68be2
00d11de0e5150cf3d35629f2bc52af00bfce4ee0
f0cf34169482d5d1aa31c2910fea9ad33979b7bf52a1202ab83d3de29843d8a3
GET /css/widgets.min.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:13 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1ceda-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 118490
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=38
Connection: Keep-Alive
Content-Type: text/css
widget.poste.it/js/lib/widgets.min.js
62.241.5.94200 OK 839 kB URL HTTP/1.1 widget.poste.it/js/lib/widgets.min.js
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with very long lines (64898), with CRLF line terminators
Size 839 kB (839332 bytes)
Hash 82374b6c20855319bda55472e83e82b4
9067439be48ff638c5ff5ef790ce12bc08b21414
18fc4c844d845b1c289d1d1d324ff6e7abf51785619c9a60d9e245b2100c256a
GET /js/lib/widgets.min.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:13 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "ccea4-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 839332
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=88
Connection: Keep-Alive
Content-Type: application/javascript
widget.poste.it/img/button_openChat.png
62.241.5.94200 OK 20 kB URL HTTP/1.1 widget.poste.it/img/button_openChat.png
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 7305cd2f12691ddda291fb1b21bd4347
5b3f944fc435c3ad74f138942aaf50ff159cbee0
25fbb9e5014408868cbd5d87ac48192ddddcb3b32ca3cdfb8e3efa0ebba2e251
GET /img/button_openChat.png HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.poste.it/css/chat_custom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:14 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "4e8b-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 20107
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=58
Connection: Keep-Alive
Content-Type: image/png
cdn.tynt.com/tc.js
172.64.151.83200 OK 0 B IP 172.64.151.83:0
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 07:52:12 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 20:39:18 GMT
vary: Accept-Encoding
etag: W/"63bdccf6-4571"
content-encoding: gzip
cf-cache-status: HIT
age: 10042
expires: Sat, 28 Jan 2023 07:52:12 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 78ef6d952ca7b4f1-OSL
X-Firefox-Spdy: h2
widget.poste.it/fonts/Texta-Regular.woff
62.241.5.94200 OK 0 B URL HTTP/1.1 widget.poste.it/fonts/Texta-Regular.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
GET /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pp2.it.45-142-122-112.cprapid.com
Connection: keep-alive
Referer: https://widget.poste.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 07:52:14 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: http://pp2.it.45-142-122-112.cprapid.com
Keep-Alive: timeout=278, max=25
Connection: Keep-Alive
Content-Type: application/font-woff
t.dtscout.com/i/?l=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&j=
141.101.120.11200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&j=
IP 141.101.120.11:0
GET /i/?l=http%3A%2F%2Fpp2.it.45-142-122-112.cprapid.com%2FPP2%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pp2.it.45-142-122-112.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 07:52:11 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 25-Jan-2023 09:15:31 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 25-Jan-2023 11:52:11 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1674633131; Domain=dtscout.com; Expires=Fri, 05-May-2023 07:52:11 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.568
expires: Wed, 25 Jan 2023 07:52:10 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWc7EeMxRqPSGjDs5TFq4wrdq7PCGGxHZl6Qsi0siwIpGFDQuZXTdCXkqGfVfPo%2B04fHT%2FpdSeKlVH6jIc3i9i0%2BXV%2BGIquWR9vDF4gkdySB7VT1ZVbLyMk9Cs3c%2FhE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ef6d8ccaa409b0-ARN
content-encoding: br
X-Firefox-Spdy: h2