Report - b1.54-238-172-83.cprapid.com/

Report Overview

Submitted URL
b1.54-238-172-83.cprapid.com/
IP
54.238.172.83
ASN
#16509 AMAZON-02
Submitted
2022-12-08 14:33:11
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
150

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
assets.adobedtm.com	512	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	90 kB	23.38.200.237
posteitalianespa.sc.omtrdc.net	428002	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.0 kB	15.188.95.229
t.dtscout.com	11951	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	2.1 kB	141.101.120.11
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
cdn.tynt.com	7260	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	392 B	172.64.151.83
www.poste.it	132877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	829 B	22 kB	13.107.246.53
widget.poste.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	1.2 MB	62.241.5.94
api.ipify.org	3267	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	248 B	54.91.59.199
de.tynt.com	1252	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	329 B	67.202.105.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
b1.54-238-172-83.cprapid.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	1.0 MB	54.238.172.83
waust.at	38137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	279 B	8.4 kB	104.26.4.7
ic.tynt.com	4300	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	2.1 kB	67.202.105.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.13.173.34
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	711 B	142.250.74.131
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.9 kB	104.18.20.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A
2022-12-07	medium	b1.54-238-172-83.cprapid.com/	Poste Italiane S.p.A

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	b1.54-238-172-83.cprapid.com/	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/start-script.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/utilita.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/poste-it.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/slick.min.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff	Phishing
2022-12-08	medium	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (49)

	URL	Size	First Seen	Last Seen
	b1.54-238-172-83.cprapid.com/	278 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:18 Times Seen182 Hash 55e29ccb09e1561f37867681c967bd0b 104413e24e350a8ffb3bb0982b504b16b9a14cce 8474b9e3067f6a270df9341690ab847c732afcfaf2829e0c35fa2664f3bba28f Loading...

	b1.54-238-172-83.cprapid.com/	865 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:18 Times Seen180 Hash 71a346023b3fd5e9704745e701630082 1dac74d77d1af4375e9427850d6448489566eb47 5e88bc305e6bcfdc09f6302f6aa63efabdbb335547278a64341375781dd78507 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js	8.9 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:19 Times Seen640 Hash 0cef027039bf8251fa53f22336981780 02f550f2117d54683191a964e0b54f3c253bb1b3 ce237a2bc80dd06901d9d66d3d6fd1a634157389d2daeabb377caab879ce3a02 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js	97 kB	2023-03-07	2024-04-27
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-27 00:37:22 Times Seen118764 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	b1.54-238-172-83.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js	3.8 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:19 Times Seen716 Hash fec7eb85618cb63c3fb5b3efee61d2b2 9c120ed394fa9ddf75062361fc00c073d3ace5aa 12359170db0ece19b214a4f15092e82199ca7b179bc8ef4ffa722918f4623b46 Loading...

	b1.54-238-172-83.cprapid.com/	201 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:18 Times Seen332 Hash 92ecbd74e6a8ffe88bf29c4402b21ab7 b47632a523d0099de70d232788bc92a9c1a0ce5e faf2beeea765110aba5bc5ad31289d627cf6bb54043a82c9887ba751e19a596f Loading...

	assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js	34 kB	2023-03-08	2024-04-27
Pretty URL assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:44 Last Seen2024-04-27 00:47:08 Times Seen6844 Hash dfdd9e1f988805f0c2fbb10cd6b8f034 b6cd42821dd2e732919fd053a4665af0e15e0335 d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf Loading...

	b1.54-238-172-83.cprapid.com/	6 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:18 Times Seen267 Hash 4b8c072994ba9bea859a9b01d6205208 3eaae93ae9fb5785690b12424b6af2a6243ee7f1 ce85089bfa9d83e2220a519a0a0624d0e943376211d1a43eaaa231646615709b Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/start-script.js	23 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/start-script.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:19 Times Seen209 Hash ed56f6a18269e8a0626db5de25f3f657 c850fa6c06893edb1926db33bf7d13971f6e2ad5 4d43fc9cc16f5907f1a85777ae1e40d4e520a10302c424c505325723b64ea160 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/poste-it.js	5.6 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/poste-it.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:19 Times Seen404 Hash 11ed8d787ab28bb7faad321627cbf050 a82e0d6e34c4c166a1d0eb05907cbca2db830886 ee466faaa33a9e0c8786659f3a54c09fb056815dac6059867937a31797fa7929 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/slick.min.js	42 kB	2023-03-07	2024-04-10
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/slick.min.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-10 07:11:58 Times Seen596 Hash 14c2e83236ae603c42164f30103634c6 1b2bad348d7fb92022c2218882242ee6223b46b6 6fa18ab0db86897ea250d65eda6233b1533fdf7f94c9d44a6af2ee16af8242ab Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js	14 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:19 Times Seen405 Hash 250bfa1bdb9cc3ed6b8a48a5f2281784 092938daea2f1352513f18a21e27d4a9860bc31f c5d5b2ba0288caa7178d3999dd5478ab6c9d2f6528ee421fa0af724cb8c94035 Loading...

	b1.54-238-172-83.cprapid.com/	2.5 kB	2023-03-07	2024-03-13
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-03-13 15:39:59 Times Seen263 Hash acf35cfe3c0faf5ceb5169f23750ee4e f94a68f0482a6fa4a44405b887d104162f15af58 29baddcbf85cc23a50db492d649d56cbeecd12748011b0bac15311c5ec595731 Loading...

	whos.amung.us/pingjs/?k=ur8gie9n2u&t=Accedi%20o%20Registrati&c=d&x=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&y=&a=0&v=27&r=8495	29 B	2023-03-08	2023-03-11
Pretty URL whos.amung.us/pingjs/?k=ur8gie9n2u&t=Accedi%20o%20Registrati&c=d&x=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&y=&a=0&v=27&r=8495 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:16:17 Last Seen2023-03-11 20:29:36 Times Seen1 Hash c46c1fb3a5a5ec60a9a25f231a2519a7 e2b09b656283dbeb8dde3b1bdb456897f1de14f0 b21dc84947208f0698fa8134a340194285f10e9cd2e25a9ccd7bcc8b0a8d687c Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js	7.8 kB	2023-03-07	2024-04-25
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:10 Last Seen2024-04-25 16:26:22 Times Seen1524 Hash 74ee4c679b03074b55a1da9bbbe29cf5 745701d8ab39733f989313a5747c54cf3248eb5b 5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47 Loading...

	b1.54-238-172-83.cprapid.com/	593 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:10 Last Seen2024-04-04 07:19:18 Times Seen193 Hash b369ffdf74430da8bdada0d051db4b91 76faf71e0380fbeac69bea75bfd440176701930b 81c4e492a699906be679f05e7598fa4e78eaac101265cbed6e4245e0b4d7c595 Loading...

	b1.54-238-172-83.cprapid.com/	787 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:18 Times Seen185 Hash ae5c848f3af9d1b63ec7ca3d7149260c a8f9e17bdf47af30afd50a145ba929f3d17d77fc 49ce904ced87a4d6128d53bae2a6775eaf64abc7a3c4b8c79527b1d97aa8bbaf Loading...

	b1.54-238-172-83.cprapid.com/	92 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:18 Times Seen21 Hash 0337c565792f2a6a3c7ddbea76e96836 1b21f33d101f46d0ce89ef98f6e708c09b8f811a c0fa89c335ff1a6f0166c1d6b49c817592e97f70d86ece11eb357df5a466c809 Loading...

	b1.54-238-172-83.cprapid.com/	1.8 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:18 Times Seen264 Hash 4a9b51435df0c8a9ca1a726488553820 d9649606b9d1a6f964a53dc57b9572da17b6a4aa c77f67307aadbb33a6c9d23883483041b7f2366634c229f74cc14f5f1617b6fc Loading...

	assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js	2.9 kB	2023-03-08	2023-03-08
Pretty URL assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:16:17 Last Seen2023-03-08 22:16:17 Times Seen1 Hash 76ff35c76dbec0ae5e3526d6099103c6 eb397efff9a8ccf5d1b8b950005cdc0590dc70e8 230a89e494bc590024bd0d7deb78fa341bfc86267fef349c87a2a5d23c490098 Loading...

	b1.54-238-172-83.cprapid.com/	3.0 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:10 Last Seen2024-04-04 07:19:18 Times Seen264 Hash 9c5fcce06b915aa7ed6cfe6b20c05693 ad57ebdad2f2fbaec5ba047506518ae020103963 3eec832c5175607f11ce1670f99fd506653996017a282b793bbce69e022b3270 Loading...

	t.dtscout.com/i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j=	2.1 kB	2023-03-07	2024-04-27
Pretty URL t.dtscout.com/i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j= IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-27 01:54:11 Times Seen4422 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js	7.5 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:19 Times Seen403 Hash 1019dc04b5f21a58f899ef6a5c0391d3 b39e7c8581a6b06a46911b64dbd1e81472971b62 e40c7597c5edee3bddede5398bfa7a3a25acd5e081138da68da133eb4ea8b822 Loading...

	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js	39 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:19 Times Seen720 Hash 5791e2f173300646df45d5698867dc27 b28280fcfccd6891e88d912834062ee18e9f7333 a8e90848cdc80b7134da128a50574ec9f913f947ce72a769d392177eb8647377 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js	694 B	2023-03-07	2024-04-11
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-11 19:18:02 Times Seen1402 Hash b5a0dd7ce1f7c1c6b80b5abe13308dd2 6cc4835430ac4ba8845fd02efdb5688166a5ed8a ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852 Loading...

	b1.54-238-172-83.cprapid.com/	568 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:18 Times Seen349 Hash e788b4900338eb30e0d4c6093686364b ab7e690282d3557b0da88f1f5daf29266c3b658b 41644ca837a0cdccd64107c8b820da71897fd873ba985772799f2a05fe91544d Loading...

	de.tynt.com/deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r=	4 B	2023-03-07	2024-04-24
Pretty URL de.tynt.com/deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r= IP 67.202.105.32 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-24 03:12:14 Times Seen3075 Hash 350fd6ef6446635f7a8f608434a405ec a4b6c275ac2c80ec925b5c0c5c6abb79ba897356 d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js	3.0 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:19 Times Seen611 Hash 9aa07ea97efef38c156c5065ec6b040e 3d25ced0d2bbac415a0f583f54bc270b7b051a45 9bdd42402354335825af6f1b45bb83f645c16199d4bc7ee5f428efb3dbfef811 Loading...

	widget.poste.it/js/custom.js	31 kB	2023-03-08	2023-03-13
Pretty URL widget.poste.it/js/custom.js IP 62.241.5.94 ASN #15720 Poste Italiane S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:16:17 Last Seen2023-03-13 17:12:40 Times Seen1 Hash e84988c180eec87621660bfd18da9af3 043326fe6385ac741d5c44f765dbe5bc9490d83d 05f5bac65a4da7b2658711f9ca44cfa9d17311287dad65f928c0922b4b8f16c2 Loading...

	widget.poste.it/js/lib/widgets.min.js	839 kB	2023-03-08	2024-04-04
Pretty URL widget.poste.it/js/lib/widgets.min.js IP 62.241.5.94 ASN #15720 Poste Italiane S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:17:34 Last Seen2024-04-04 07:19:19 Times Seen365 Hash 82374b6c20855319bda55472e83e82b4 9067439be48ff638c5ff5ef790ce12bc08b21414 18fc4c844d845b1c289d1d1d324ff6e7abf51785619c9a60d9e245b2100c256a Loading...

	b1.54-238-172-83.cprapid.com/	345 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:18 Times Seen333 Hash 729bb4a9b0bfb273baac5ea6e6844de7 be5c9fa7dcb38b831522664a8de97049a4d564f9 d2b54a0869695bbbf4073b99f12debb9688a51783a951ca3eeecfcf500e54adb Loading...

	b1.54-238-172-83.cprapid.com/	240 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:18 Times Seen349 Hash dbc7441180dc8acc784aede20da4fc8c 23f95d05836bad5e55a43d998bd72b8d699596b4 e25c8a4e352ae2c9d77ee3ca500eddb76a508929ee52e19937a4be864bb19e15 Loading...

	assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js	3.4 kB	2023-03-08	2023-03-08
Pretty URL assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:16:18 Last Seen2023-03-08 22:16:18 Times Seen1 Hash 3be3db40f43f6af44d3b72cc3a15fd5c 3658787aa9e310d82ad197b7f096ad379e959178 f71f2c8329636288171e1d2ca88b6d399d2320fc9b18784bd36d75cfc25c2779 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/utilita.js	14 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/utilita.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:19 Times Seen705 Hash 15e270138da3a46ed6a82f192fa0cf5c 86f7a03b47e1d63a8b5aecdb15be546aa7ec057a ca9c7a3760bf9bf10d8386938fdce15b4327a4158bd836a446c2d4af3aa2d88d Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js	6.8 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:19 Times Seen469 Hash 0db4764d4e4e66899267d79703fe99ce 816c19ddfe3088858714d0ba55a646f5df09321a aa3b054914a360287080d0bf7946f5fc59aab7ed99e2299ba2fc94c16f29f075 Loading...

	b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js	69 kB	2023-03-07	2024-04-11
Pretty URL b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-11 19:18:02 Times Seen1194 Hash e3676b6eb90f0f6739c89d56a3efa245 83188f24cfbd8e33b69b23139202c0cf2f390063 31d80f65a2c078aa3ca5051504f29d8986df61f04bc998036527374eef1c286b Loading...

	b1.54-238-172-83.cprapid.com/	1.0 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:18 Times Seen196 Hash 7cffb57b0ae161a30c4e3901d5bba6c3 bef394816ef46e7822ee55b4006ff872ddfd0f55 2dae4dc78c864eb104091a459d6961c4045d6d43e3497313042031b455586fc9 Loading...

	b1.54-238-172-83.cprapid.com/	63 B	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:29 Last Seen2024-04-04 07:19:18 Times Seen232 Hash 3061b743e16b9c13065db73e07b0ab7f 24d48892a0026114fdaa95e333666d1794dc4698 033d0b061d46c5cde3873a2b595dc959e8a64e4cb20ba92b3f133cede75d9d61 Loading...

	assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js	3.5 kB	2023-03-08	2023-03-08
Pretty URL assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:16:18 Last Seen2023-03-08 22:16:18 Times Seen1 Hash 0ed0767852ed35cc4a40a2429de7df09 268b763f6fd5ac5011ca6f6ac6c6c2a9890e8fa4 923786109f9ba5c7d1fe7e3e162eb5408669989b429fa7cafb4f6c50a149f8e7 Loading...

	b1.54-238-172-83.cprapid.com/	3.1 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/ IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:10 Last Seen2024-04-04 07:19:18 Times Seen264 Hash 6177f27c5d4e4974cda783b9b0171472 ffdba3107dbdf8749b8b25eb44f1649f4f962e83 d88fd2724a4d928cb046c746f4c4f8faf8654ab107aaab46f9335f5285a7e3dc Loading...

	cdn.tynt.com/tc.js	18 kB	2023-03-07	2023-03-17
Pretty URL cdn.tynt.com/tc.js IP 172.64.151.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:46:36 Times Seen1 Hash f9ab02a95c5035df7c44c8c046e95866 bafa1e72a0fa99774b56e31d04f5393bb1c04bbc 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae Loading...

	assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js	3.3 kB	2023-03-08	2024-04-27
Pretty URL assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:44 Last Seen2024-04-27 00:47:08 Times Seen5785 Hash b89fcb8870ac40eecb6d3cc844d35389 1bbde1a85912bdeff9c9cf55bf2fb3969d245874 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa Loading...

	waust.at/d.js	15 kB	2023-03-08	2024-04-26
Pretty URL waust.at/d.js IP 104.26.4.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:06 Last Seen2024-04-26 23:48:17 Times Seen2195 Hash 38cdedd658fa41770f607c0b117c1f82 3f3c9c6c330ab649e27ec56a8d852e9d41b0edf4 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c Loading...

	t.dtscout.com/pv/?_a=v&_h=b1.54-238-172-83.cprapid.com&_ss=5zb44jvi9j&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=39xk&_cb=_dtspv.c	52 B	2023-03-08	2023-03-08
Pretty URL t.dtscout.com/pv/?_a=v&_h=b1.54-238-172-83.cprapid.com&_ss=5zb44jvi9j&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=39xk&_cb=_dtspv.c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:16:18 Last Seen2023-03-08 22:16:18 Times Seen1 Hash d095f11439d0b01d77ebfb07e170c6e0 2c3eff8fd68e37ab4b489d403df48fe7f1a70262 2c88aedf1dc9d1deafe9f15951d96a06e69050c4be177c8a10e1d767d756e069 Loading...

	www.poste.it/bowser.js	17 kB	2023-03-07	2024-04-04
Pretty URL www.poste.it/bowser.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:19 Times Seen598 Hash 971b649748eb819a7f4c8cdc4805376c f520540daa055e999dd6599e6e7e9f977899a8f6 61e2728bce5b153ccca7fd7ffe0a98a29dbfb0218300a39dd0cf0535635683f2 Loading...

	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js	14 kB	2023-03-07	2024-04-23
Pretty URL b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:10 Last Seen2024-04-23 20:06:42 Times Seen763 Hash f47c9a2aad50eddc384597280522f86a 73500eb3a7b9c96d0b6f075bc7a742dfe014a2a1 138143108101149f64bcda5fe38cdd2f3f2139cc957b45949e71fac33ea94482 Loading...

	b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js	2.9 kB	2023-03-07	2024-04-04
Pretty URL b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js IP 54.238.172.83 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:19 Times Seen726 Hash 03aea05809bf32353408cb78cdf40f08 5bfe199b18c64b584d8bc98308c769c8e32b331a 9b8d058f857c6ca7f7d4c0ef2e800c6884d6a89bb52cb294774505d1d3c7283b Loading...

	assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js	420 kB	2023-03-08	2023-03-08
Pretty URL assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:16:18 Last Seen2023-03-08 22:16:18 Times Seen1 Hash 6148b6cd417bc890b625627a4c69c173 4fe841c7d3fcdd430f5d0a6f9768ed0848d9abb0 3e678141556497f6efe32b303eef5d35a22ae2114a358e2ac9f80ce8cfb0e845 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b2c2041f8d99c45e0f21474fe4f8b7bc	17 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-26 01:51:27 Times Seen7451 Hash b2c2041f8d99c45e0f21474fe4f8b7bc 0b876666393469c726a2e3edbb29544c03a92154 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061 Loading...

HTTP Transactions (107)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16837
Expires: Thu, 08 Dec 2022 19:13:37 GMT
Date: Thu, 08 Dec 2022 14:33:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Thu, 08 Dec 2022 15:31:23 GMT
Date: Thu, 08 Dec 2022 14:33:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4180
Expires: Thu, 08 Dec 2022 15:42:40 GMT
Date: Thu, 08 Dec 2022 14:33:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 14:08:13 GMT
content-type: application/json
age: 1487
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: obgkVwKx49c4Tw+gs17Dq+fM3/YEFF3UWRfLxep6Lr6ERCZblWdseu0NKhEe6e9jmdbDqYlk/OM=
x-amz-request-id: WVYGRGFGQD6MTB9Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 13:47:56 GMT
age: 2704
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 14:33:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 14:07:58 GMT
age: 1502
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1840
Cache-Control: max-age=155071
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:33:01 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:37:32 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.13.173.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.173.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MlMEOv39kfl1cwpdsOtWxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 29oRybv7oZH9YIKUV4JVIXI9x7k=

assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js

23.38.200.237

200 OK

70 kB

URL HTTP/2
assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32715)
Size
70 kB (69487 bytes)
Hash
90d68cc6ff01ebc2d7aafe6cdd835441
ae0533cab4a8a742f8708dbf658e377f350637a2
12911addf568eef0e482edb529414db1e74c202c97f0656d6aa5212ebe00365a

HTTP Headers

GET /launch-EN592261e36dc14b10a9936e854a4b30db.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "6148b6cd417bc890b625627a4c69c173:1670422306.891072"
last-modified: Wed, 07 Dec 2022 14:11:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 69487
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:01 GMT
date: Thu, 08 Dec 2022 14:33:01 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2

b1.54-238-172-83.cprapid.com/

54.238.172.83

200 OK

29 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
29 kB (29382 bytes)
Hash
e5a0d84bfe06ceae824fcaac7e87d3e7
24ea14ed8eec8da6d521fd4bd5ae3e1c7ea8b191
ab920cb0aa918222337d3a5c000c19d37cb5fee90c57863f6c95332f2f98220d

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:00 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

waust.at/d.js

104.26.4.7

200 OK

7.6 kB

URL HTTP/1.1
waust.at/d.js
IP
104.26.4.7:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (14706), with no line terminators
Size
7.6 kB (7603 bytes)
Hash
e23c073a2e43c9ae75c8f1663778db21
c04fe83eb4953920b1fe567f54e44e5ca5a15777
9c896e04f689d594d35c2d0319598ccbf9e618296bdd63e5d4063a7702d0230b

HTTP Headers

GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 01 Dec 2022 21:21:07 GMT
etag: W/"63891ac3-3972"
expires: Fri, 09 Dec 2022 14:27:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 352
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=789SyZoe6SKz89mQ4c%2Bhspdn0iprF6tkoExa3bKYwxyAEK%2BwoWj1FiidbmtmM4cIbdbtPaTzZFSA41i6S1jPPV%2BLBXt6JFYF2sYCuFOinMiwZUXysBif%2F5Pu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776636b9dbfa1bfa-OSL
alt-svc: h2=":443"; ma=60

www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png

13.107.246.53

200 OK

4.0 kB

URL HTTP/2
www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 158 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3981 bytes)
Hash
342591a0ea31e0fbe1e856d20e2c60dc
622e857e83951258f5ac71c4e51a8af9fc8df257
72464ecfdcec15e6f0e76157f45936021dc706b262b6d3ab7115ee92d47d73cc

HTTP Headers

GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 3981
content-type: image/png
expires: Thu, 08 Dec 2022 15:33:01 GMT
last-modified: Tue, 12 Jul 2022 08:10:12 GMT
accept-ranges: bytes
etag: "62cd2c64-f8d"
x-cache: CONFIG_NOCACHE
x-azure-ref: 0nfWRYwAAAACCzyeqecbVQpmcDmv7mn9qU1ZHMjBFREdFMDUwOABiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Thu, 08 Dec 2022 14:33:01 GMT
X-Firefox-Spdy: h2

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/start-script.js

54.238.172.83

200 OK

23 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/start-script.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (306)
Size
23 kB (22866 bytes)
Hash
ed56f6a18269e8a0626db5de25f3f657
c850fa6c06893edb1926db33bf7d13971f6e2ad5
4d43fc9cc16f5907f1a85777ae1e40d4e520a10302c424c505325723b64ea160

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/start-script.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:46 GMT
Accept-Ranges: bytes
Content-Length: 22866
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.poste.it/bowser.js

13.107.246.53

200 OK

17 kB

URL HTTP/2
www.poste.it/bowser.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
17 kB (16647 bytes)
Hash
971b649748eb819a7f4c8cdc4805376c
f520540daa055e999dd6599e6e7e9f977899a8f6
61e2728bce5b153ccca7fd7ffe0a98a29dbfb0218300a39dd0cf0535635683f2

HTTP Headers

GET /bowser.js HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 16647
content-type: application/javascript
expires: Thu, 08 Dec 2022 15:33:01 GMT
last-modified: Wed, 20 Oct 2021 13:58:32 GMT
accept-ranges: bytes
etag: "61702088-4107"
x-cache: CONFIG_NOCACHE
x-azure-ref: 0nfWRYwAAAACXDiSnfzW3RYFLB8ITwPFTU1ZHMjBFREdFMDUwOABiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Thu, 08 Dec 2022 14:33:01 GMT
X-Firefox-Spdy: h2

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/retina.css

54.238.172.83

200 OK

115 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/retina.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
115 B (115 bytes)
Hash
ee5d2b27eb8a486f46909f007cd2c3bc
f1b58d02621607b7cbe1c775a5c04572fd2859ce
63ae9fac5779ea8db4b2bf9adebfb54f5651b105e4a935b3f4c42308e3ab8557

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/retina.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 23:21:36 GMT
Accept-Ranges: bytes
Content-Length: 115
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/utilita.js

54.238.172.83

200 OK

14 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/utilita.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (534)
Size
14 kB (13994 bytes)
Hash
15e270138da3a46ed6a82f192fa0cf5c
86f7a03b47e1d63a8b5aecdb15be546aa7ec057a
ca9c7a3760bf9bf10d8386938fdce15b4327a4158bd836a446c2d4af3aa2d88d

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/utilita.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:26:04 GMT
Accept-Ranges: bytes
Content-Length: 13994
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/megamenu-pi.css

54.238.172.83

200 OK

26 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/megamenu-pi.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
26 kB (26357 bytes)
Hash
91a45dd5d6409bb0a5db3104a2f6c543
933b6e5b6acac709ff1e36d52135bf819df48507
89c0e53575ae03072f5b2a9d587c1611bad7a22090382318c391756dcf6e812c

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/megamenu-pi.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:02 GMT
Accept-Ranges: bytes
Content-Length: 26357
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/poste-it.js

54.238.172.83

200 OK

5.6 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/poste-it.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (326)
Size
5.6 kB (5588 bytes)
Hash
11ed8d787ab28bb7faad321627cbf050
a82e0d6e34c4c166a1d0eb05907cbca2db830886
ee466faaa33a9e0c8786659f3a54c09fb056815dac6059867937a31797fa7929

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/poste-it.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:40 GMT
Accept-Ranges: bytes
Content-Length: 5588
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js

54.238.172.83

200 OK

7.5 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
7.5 kB (7538 bytes)
Hash
1019dc04b5f21a58f899ef6a5c0391d3
b39e7c8581a6b06a46911b64dbd1e81472971b62
e40c7597c5edee3bddede5398bfa7a3a25acd5e081138da68da133eb4ea8b822

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/scroll-pi.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:42 GMT
Accept-Ranges: bytes
Content-Length: 7538
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 53983
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9596 bytes)
Hash
c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 58300
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7609 bytes)
Hash
0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 02299a39-6804-49ae-b415-313b6e06b2ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfj24G39oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63894cf8-5f578e3f211063bd125b645a;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 00:55:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EmQGdW6eDQGTNSY5o0bGb7rS5i9FBeV29pEQMPui8P9XOpgZHW8leA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:58:23 GMT
age: 59679
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7268 bytes)
Hash
24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 55217
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 20694
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7801 bytes)
Hash
8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 54987
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/css/bootstrap.min.css

54.238.172.83

200 OK

122 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/css/bootstrap.min.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (64985)
Size
122 kB (122291 bytes)
Hash
6181a38a601eb664522623bae7db95c9
9671b5fc92e27a915769b59bc60bf26fde343d7e
8b922a249c9f81562d99eee24407bf38c7feac74a10dfe712292c0b032144dfa

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:50 GMT
Accept-Ranges: bytes
Content-Length: 122291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js

54.238.172.83

200 OK

8.9 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
exported SGML document, ASCII text, with very long lines (8423)
Size
8.9 kB (8885 bytes)
Hash
0cef027039bf8251fa53f22336981780
02f550f2117d54683191a964e0b54f3c253bb1b3
ce237a2bc80dd06901d9d66d3d6fd1a634157389d2daeabb377caab879ce3a02

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/jquery.hc-sticky.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:32 GMT
Accept-Ranges: bytes
Content-Length: 8885
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js

54.238.172.83

200 OK

7.8 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7687)
Size
7.8 kB (7784 bytes)
Hash
74ee4c679b03074b55a1da9bbbe29cf5
745701d8ab39733f989313a5747c54cf3248eb5b
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/jquery.mobile.custom.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:36 GMT
Accept-Ranges: bytes
Content-Length: 7784
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/slick.min.js

54.238.172.83

200 OK

42 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/slick.min.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32076)
Size
42 kB (41953 bytes)
Hash
14c2e83236ae603c42164f30103634c6
1b2bad348d7fb92022c2218882242ee6223b46b6
6fa18ab0db86897ea250d65eda6233b1533fdf7f94c9d44a6af2ee16af8242ab

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/slick.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:44 GMT
Accept-Ranges: bytes
Content-Length: 41953
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js

54.238.172.83

200 OK

6.8 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (338)
Size
6.8 kB (6831 bytes)
Hash
0db4764d4e4e66899267d79703fe99ce
816c19ddfe3088858714d0ba55a646f5df09321a
aa3b054914a360287080d0bf7946f5fc59aab7ed99e2299ba2fc94c16f29f075

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:48 GMT
Accept-Ranges: bytes
Content-Length: 6831
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js

54.238.172.83

200 OK

3.0 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
3.0 kB (2983 bytes)
Hash
9aa07ea97efef38c156c5065ec6b040e
3d25ced0d2bbac415a0f583f54bc270b7b051a45
9bdd42402354335825af6f1b45bb83f645c16199d4bc7ee5f428efb3dbfef811

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/applicazioni/trasversali/javascript/utilita-app.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:52 GMT
Accept-Ranges: bytes
Content-Length: 2983
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js

54.238.172.83

200 OK

3.8 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
3.8 kB (3812 bytes)
Hash
fec7eb85618cb63c3fb5b3efee61d2b2
9c120ed394fa9ddf75062361fc00c073d3ace5aa
12359170db0ece19b214a4f15092e82199ca7b179bc8ef4ffa722918f4623b46

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /jod-fcc/posteID/x-jod-poste-id.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:43:24 GMT
Accept-Ranges: bytes
Content-Length: 3812
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js

54.238.172.83

200 OK

14 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
14 kB (14081 bytes)
Hash
f47c9a2aad50eddc384597280522f86a
73500eb3a7b9c96d0b6f075bc7a742dfe014a2a1
138143108101149f64bcda5fe38cdd2f3f2139cc957b45949e71fac33ea94482

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /jod-fcc/resources/portal/js-rsa-2/hashtable.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:12 GMT
Accept-Ranges: bytes
Content-Length: 14081
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css

54.238.172.83

200 OK

18 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (376)
Size
18 kB (18280 bytes)
Hash
eb65c2ea5d0082591243aee8425d4eff
a5adf6ce96c015f865a93d54b930cdfd5c6c669a
2213c377877c722511173afad5794c4ca2fce629c79d26a4df200fc4ab3f06f3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/applicazioni/trasversali/stili/custom-form-element.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:00 GMT
Accept-Ranges: bytes
Content-Length: 18280
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js

54.238.172.83

200 OK

39 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2059), with CRLF line terminators
Size
39 kB (39372 bytes)
Hash
5791e2f173300646df45d5698867dc27
b28280fcfccd6891e88d912834062ee18e9f7333
a8e90848cdc80b7134da128a50574ec9f913f947ce72a769d392177eb8647377

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /jod-fcc/resources/portal/js-rsa-2/rsa.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:20 GMT
Accept-Ranges: bytes
Content-Length: 39372
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js

54.238.172.83

200 OK

2.9 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (597), with CRLF line terminators
Size
2.9 kB (2915 bytes)
Hash
03aea05809bf32353408cb78cdf40f08
5bfe199b18c64b584d8bc98308c769c8e32b331a
9b8d058f857c6ca7f7d4c0ef2e800c6884d6a89bb52cb294774505d1d3c7283b

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:16 GMT
Accept-Ranges: bytes
Content-Length: 2915
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/owl.carousel.css

54.238.172.83

200 OK

4.6 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/owl.carousel.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
4.6 kB (4614 bytes)
Hash
b51416af9e8adbe3d16f5f2526aba221
097c8d67412f44534449ed4cadc6dd22b025801d
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/owl.carousel.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:04 GMT
Accept-Ranges: bytes
Content-Length: 4614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js

54.238.172.83

200 OK

97 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32077)
Size
97 kB (97163 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/jquery.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:34 GMT
Accept-Ranges: bytes
Content-Length: 97163
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css

54.238.172.83

200 OK

416 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
416 B (416 bytes)
Hash
a00dda3f91b12b16ef9736f89c1d5042
0ad4a038ed350f7a4bbb738849f876eeced6c1d3
0da7a1b970b5c8e4c5f781761450c034462288a375d5c189f7e90027207f3524

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/base.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:01:22 GMT
Accept-Ranges: bytes
Content-Length: 416
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js

54.238.172.83

200 OK

694 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
694 B (694 bytes)
Hash
b5a0dd7ce1f7c1c6b80b5abe13308dd2
6cc4835430ac4ba8845fd02efdb5688166a5ed8a
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:00 GMT
Accept-Ranges: bytes
Content-Length: 694
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js

54.238.172.83

200 OK

69 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
69 kB (69214 bytes)
Hash
e3676b6eb90f0f6739c89d56a3efa245
83188f24cfbd8e33b69b23139202c0cf2f390063
31d80f65a2c078aa3ca5051504f29d8986df61f04bc998036527374eef1c286b

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/bootstrap/js/bootstrap.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:58 GMT
Accept-Ranges: bytes
Content-Length: 69214
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/spaces.css

54.238.172.83

200 OK

30 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/spaces.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
30 kB (29954 bytes)
Hash
a0339ef2039b90034b16e341e508b5e8
dab67a84e5a8228a6f9ed90f05b8a7b983912b3c
9fb634a5bbfbee4fc2503595fa18a98142ca8cf0bb29984d065edfeef0006bdd

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/spaces.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:08 GMT
Accept-Ranges: bytes
Content-Length: 29954
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css

54.238.172.83

200 OK

4.5 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
4.5 kB (4511 bytes)
Hash
c26ff7c37210341d690599a8a2310737
3127758f8fcf89472099f6963b90464cbe3b01b9
f4e596fd7ef88f965cc4df8dd6895f65cbdb0d2f49e58bfc5c4832675318ddc0

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/fonts.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:10:22 GMT
Accept-Ranges: bytes
Content-Length: 4511
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/typography.css

54.238.172.83

200 OK

5.1 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/typography.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
assembler source, ASCII text
Size
5.1 kB (5123 bytes)
Hash
9bc1f2ccabef97230a29e52bb7d71e2e
c2cc92960a2674ffa0c8d32b2133e596b3613630
2a96cd832563fdde56f4c71a663dd68bd9202eeed6a4c2c525e3275e4e68be06

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/typography.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:10 GMT
Accept-Ranges: bytes
Content-Length: 5123
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/extra.css

54.238.172.83

200 OK

5.0 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/extra.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
5.0 kB (4991 bytes)
Hash
6845e4602367a2454bf3a8aa15d014a6
841e011124cb8f568f3c2d8bfcb3013ea6f042fd
dc4a581b65b22475fbb99580954525d488986dc35b37b19310d30a0598a32fde

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/extra.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:58 GMT
Accept-Ranges: bytes
Content-Length: 4991
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/alignment.css

54.238.172.83

200 OK

2.7 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/alignment.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
assembler source, ASCII text
Size
2.7 kB (2731 bytes)
Hash
2b774691bee7183287e841ed3287c1c1
bb03284b1ee77d718adee2286f8ce20e42f0e9c6
8d4821ff1de6348bb012672849a8205eb9833edde9b1e417f2fa5365261c08bf

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/alignment.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:50 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js

54.238.172.83

200 OK

14 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text
Size
14 kB (14476 bytes)
Hash
250bfa1bdb9cc3ed6b8a48a5f2281784
092938daea2f1352513f18a21e27d4a9860bc31f
c5d5b2ba0288caa7178d3999dd5478ab6c9d2f6528ee421fa0af724cb8c94035

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/javascript/megamenu-pi.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:38 GMT
Accept-Ranges: bytes
Content-Length: 14476
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css

54.238.172.83

200 OK

214 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
214 kB (213450 bytes)
Hash
f938de6880813c3c7b2a30b28a6c0da8
19d93950a34345d83dfc8096214d6082c2d6706a
1f615511776a12840fb4cccea90ef49bc3c6bc0d430932bd6f219e82e13c025b

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/base-element.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:01:52 GMT
Accept-Ranges: bytes
Content-Length: 213450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

23.38.200.237

200 OK

12 kB

URL HTTP/2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32717)
Size
12 kB (12384 bytes)
Hash
9edbefe8919a34cc9ec5343e49caf90d
9e8f2b92a35df8e01814e558d10248a928ea2504
c276e66ee697edfb8fbe70a13d6cb8498b21fb998d10d6faaf3999f34f5525cc

HTTP Headers

GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12384
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
cache-control: no-cache
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2

assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js

23.38.200.237

200 OK

1.6 kB

URL HTTP/2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (3138)
Size
1.6 kB (1598 bytes)
Hash
dbb5211703cf7696d634360cc8874fa7
9231e7ebe8096b629c9ac522e41f8c2a8013db99
535a218392da01549f9fd640908f59c213e809c2db778c36094e3a84959106df

HTTP Headers

GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1598
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
cache-control: no-cache
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2

b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/small-modal-ico-bp-pp.png

54.238.172.83

200 OK

13 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/small-modal-ico-bp-pp.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
PNG image data, 132 x 132, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12995 bytes)
Hash
22e37aed1a37a4d10a2c011e969a1337
05d054f563899fffd3ffd4f5cba486c5273d17d9
d4a66d846de1a39c49b3d03f1c4c4d21cd9f5436f362b7a72fd2eb773f6cfaca

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt_ext/icone/small-modal-ico-bp-pp.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:20 GMT
Accept-Ranges: bytes
Content-Length: 12995
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-bp.png

54.238.172.83

200 OK

3.5 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-bp.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
PNG image data, 45 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3511 bytes)
Hash
8d96bc9b08477815ed8655ced98af0ac
04b6fa972775456746a7cfeba72f3878cf904183
d7f9c88c4f19de13e5ef1040c08cd72970808301de221e2ea7acfc71bf802cc1

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt_ext/icone/ico-bp.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:12 GMT
Accept-Ranges: bytes
Content-Length: 3511
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /.jod-fcc/qrr.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-pp.png

54.238.172.83

200 OK

3.0 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-pp.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
PNG image data, 45 x 44, 8-bit/color RGB, non-interlaced\012- data
Size
3.0 kB (2957 bytes)
Hash
b58f05ef3e25628af63aca1f633afef2
ed29c9437597aed2c13291305a262d03684d8910
068347897472440f46e706b2d61c77ec861e2facb34b567e2e2c851ae1bc4dea

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt_ext/icone/ico-pp.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:16 GMT
Accept-Ranges: bytes
Content-Length: 2957
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js

23.38.200.237

200 OK

1.1 kB

URL HTTP/2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (3366)
Size
1.1 kB (1103 bytes)
Hash
098b6403c55675ec04c839dc51d1a248
ed277b7e4de2f9d48261cde8692dacf2d3a5e215
2d3d458db2ec2e72632654a5dfead492d07ebef0ed8e34ca3c01560fd8844b0c

HTTP Headers

GET /4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "372bbd46f902d47edb073f81f931af4e:1670422307.780628"
last-modified: Wed, 07 Dec 2022 14:11:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1103
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2

assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js

23.38.200.237

200 OK

1.2 kB

URL HTTP/2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (2795)
Size
1.2 kB (1210 bytes)
Hash
c3a2b0fabcac4486e78ce7b0eda24501
3279004718359ac8b0da9db206030e1a8ef4dc0a
02346a05f82af2895882a65f8d00bdaf5defdbdb3727ee61d142edc26cf3f83a

HTTP Headers

GET /4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "372bbd46f902d47edb073f81f931af4e:1670422307.780628"
last-modified: Wed, 07 Dec 2022 14:11:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1210
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2

assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js

23.38.200.237

200 OK

1.1 kB

URL HTTP/2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (3225)
Size
1.1 kB (1072 bytes)
Hash
e9a24cdaa8c4f58aafc184dc12662897
4bdfddafb98bce9619c68e2308c07f04a34bfe46
61199b090ef23337435d241c48d5b8f29a0bda356337edf69ff1ab68d1b2e14e

HTTP Headers

GET /4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "372bbd46f902d47edb073f81f931af4e:1670422307.780628"
last-modified: Wed, 07 Dec 2022 14:11:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1072
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0574554eeced9a54b5af9af033c7a085
0535f701d8d4823e26cf8d5d19859b5ec43d5fb8
29688d8cf321fca783808603849bfd935529be2ce66fb62b65b4aff6d6defe90

HTTP Headers

POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:33:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /.jod-fcc/qrr.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/bg-qrcode.png

54.238.172.83

200 OK

5.3 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/bg-qrcode.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
PNG image data, 624 x 210, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5348 bytes)
Hash
4ed242012ee510aca41b30408eb02cc7
957fd32bcb5bc79b1f6e7795e2c6a6444dc462f0
bf6bcbcf84ff0f18c4110fa868c29ff14aef2458be49afd0ffe37e5f9cd74950

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt_ext/icone/bg-qrcode.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:04 GMT
Accept-Ranges: bytes
Content-Length: 5348
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/immagini/eye.png

54.238.172.83

200 OK

645 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/immagini/eye.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
645 B (645 bytes)
Hash
5dfd11f759177ca66df6bfb649fa131c
8151b051d99d5988a9761adcc40089bfb20f5576
5931ba755c44c364f074f95a904536fb4076da4e44c811a1934c5fff735c39c4

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/applicazioni/trasversali/immagini/eye.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:32 GMT
Accept-Ranges: bytes
Content-Length: 645
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
80c581cd6bb967abe1fe51827007d04a
f53f99352bdf80126b9703287ea70c91465445e6
3879dfa691b7c1214faab89d35ba9eb903bece733497b1180410fced5292fbed

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 12 Dec 2022 13:35:38 GMT
ETag: "f53f99352bdf80126b9703287ea70c91465445e6"
Last-Modified: Thu, 08 Dec 2022 13:35:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776636d3fcb8b50b-OSL

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff

54.238.172.83

200 OK

32 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 32412, version 1.0\012- data
Size
32 kB (32412 bytes)
Hash
e49b4a99e99a162382c9135468cdff61
6fe7b52d7195d20e9d8ad05d4068dd87ddaeff76
0fa4aee030662ed700dc5cb2e13e52b85fb1254a195d9ab0a1a10d79e645c8f8

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:53:54 GMT
Accept-Ranges: bytes
Content-Length: 32412
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif

54.238.172.83

200 OK

34 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 150 x 150\012- data
Size
34 kB (33869 bytes)
Hash
442d51dab3205cf4c81de67e4bafdbda
52726f8f87116bd1fd03e9d99c0bb22afd168937
ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/immagini/generiche/spinner_giallo.gif HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:50:40 GMT
Accept-Ranges: bytes
Content-Length: 33869
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png

54.238.172.83

200 OK

7.3 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
PNG image data, 388 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7296 bytes)
Hash
5f334889f79c8a60aca123b6f0e77cd6
b24faf71ad0f3fdb6228e8c101190aafa12b9216
f73f55b1729c6267bf5137b3de7a4e3a842780a87d7a918e878ff63437bb6a87

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 02:33:04 GMT
Accept-Ranges: bytes
Content-Length: 7296
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff

54.238.172.83

200 OK

32 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 31976, version 1.0\012- data
Size
32 kB (31976 bytes)
Hash
dcdd69e7910e57b0adc381e0fcf93e3e
21fd668706b3cd97f1b5df0c61ac4b05ab0bdf29
e3e914fafd966522cc6e0db2355a72202ece3052e768b0e34d05bdc4d26bf489

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:02 GMT
Accept-Ranges: bytes
Content-Length: 31976
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff

54.238.172.83

200 OK

32 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Size
32 kB (32376 bytes)
Hash
8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:16 GMT
Accept-Ranges: bytes
Content-Length: 32376
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff

b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff

54.238.172.83

200 OK

33 kB

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 32756, version 1.0\012- data
Size
33 kB (32756 bytes)
Hash
ddcb123ab58089ce07fa2d0e767decc4
b6bdcb18d6e6c3a28a40a041324001c794375c85
98a9f23066501d2b1676f72a2feb355caa114d4dffce7bae927083af92ccd6c9

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A
fortinet	Phishing

HTTP Headers

GET /risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:10 GMT
Accept-Ranges: bytes
Content-Length: 32756
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff

widget.poste.it/js/custom.js

62.241.5.94

200 OK

31 kB

URL HTTP/1.1
widget.poste.it/js/custom.js
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (306)
Size
31 kB (30728 bytes)
Hash
e84988c180eec87621660bfd18da9af3
043326fe6385ac741d5c44f765dbe5bc9490d83d
05f5bac65a4da7b2658711f9ca44cfa9d17311287dad65f928c0922b4b8f16c2

HTTP Headers

GET /js/custom.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:05 GMT
ETag: "7808-5ee8af14ff540"
Accept-Ranges: bytes
Content-Length: 30728
Access-Control-Allow-Origin: 
Keep-Alive: timeout=278, max=54
Connection: Keep-Alive
Content-Type: application/javascript

posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1

15.188.95.229

302 Found

0 B

URL HTTP/1.1
posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: posteitalianespa.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/

HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 08 Dec 2022 14:33:06 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 07 Dec 2022 14:33:06 GMT
last-modified: Fri, 09 Dec 2022 14:33:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_oplkzx7Eoo1pizmx7Ess1oplkz1vkx7Esvx7Eqz=[CS]v4|0-0|6391F5A2[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Sat, 07 Dec 2024 14:33:33 GMT; SameSite=None;
location: http://posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1

15.188.95.229

200 OK

43 B

URL HTTP/1.1
posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: posteitalianespa.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://b1.54-238-172-83.cprapid.com/
Connection: keep-alive

HTTP/1.1 200 OK
access-control-allow-origin: *
date: Thu, 08 Dec 2022 14:33:06 GMT
expires: Wed, 07 Dec 2022 14:33:06 GMT
last-modified: Fri, 09 Dec 2022 14:33:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_oplkzx7Eoo1pizmx7Ess1oplkz1vkx7Esvx7Eqz=[CS]v4|6EBF899216286540-12E6139B2D1D69C|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Sat, 07 Dec 2024 14:33:33 GMT; SameSite=None;
etag: 3587392878875017216-4619726265136862440
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

widget.poste.it/json/widgetLabels.json

62.241.5.94

200 OK

7.1 kB

URL HTTP/1.1
widget.poste.it/json/widgetLabels.json
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size
7.1 kB (7125 bytes)
Hash
f6bcc872c62240d4339b14acdb952341
2a14c8c5c5513ba23351a67ae1a6f23f95626a23
5dee78278049e1a73e771b2ea7b4d3cbf89f71a2e6c535e07e45ff392cb89fa4

HTTP Headers

POST /json/widgetLabels.json HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1bd5-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 7125
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=30
Connection: Keep-Alive
Content-Type: application/json

b1.54-238-172-83.cprapid.com/favicon.ico

54.238.172.83

404 Not Found

315 B

URL HTTP/1.1
b1.54-238-172-83.cprapid.com/favicon.ico
IP
54.238.172.83:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Poste Italiane S.p.A

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a; s_fid=6EBF899216286540-012E6139B2D1D69C; s_cc=true

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6843a440973513608762559abd15fa3c
eb957b6b49adfe3db485cc714d506b630a01903a
70cdcf6f80d32a1f105fc1bd33cf5419f9e7d1368fa5d5703b86e65de417d23c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 21:46:11 GMT
Expires: Wed, 14 Dec 2022 21:46:10 GMT
Etag: "eb957b6b49adfe3db485cc714d506b630a01903a"
Cache-Control: max-age=543783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776636d9aae51c06-OSL

api.ipify.org/

54.91.59.199

200 OK

12 B

URL HTTP/1.1
api.ipify.org/
IP
54.91.59.199:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d

HTTP Headers

GET / HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Content-Type: text/plain
Vary: Origin
Date: Thu, 08 Dec 2022 14:33:07 GMT
Content-Length: 12
Via: 1.1 vegur

widget.poste.it/fonts/Texta-Black.woff

62.241.5.94

200 OK

33 kB

URL HTTP/1.1
widget.poste.it/fonts/Texta-Black.woff
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
Web Open Font Format, TrueType, length 33140, version 1.0\012- data
Size
33 kB (33140 bytes)
Hash
bb38c2004fb8284b41ab208428f57e57
eede479ce3535e6dd33934e677de0b7224ce31c4
3d4a9402bef6028217f3f4279e7f6c4bb9af9bfce7786eac52d3a5d0065a27af

HTTP Headers

POST /fonts/Texta-Black.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "8174-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 33140
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=26
Connection: Keep-Alive
Content-Type: application/font-woff

widget.poste.it/fonts/Texta-LightItalic.woff

62.241.5.94

200 OK

32 kB

URL HTTP/1.1
widget.poste.it/fonts/Texta-LightItalic.woff
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
Web Open Font Format, TrueType, length 32084, version 1.0\012- data
Size
32 kB (32084 bytes)
Hash
50ff911beaeaea06a186cbe72898ea42
610aa069b2987d6fbbf46c456f177ced1aa49a57
91509bd0e2ed20655b4cbbf585f5587a1a1cc282291dd56d7821881699757971

HTTP Headers

POST /fonts/Texta-LightItalic.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7d54-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32084
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=24
Connection: Keep-Alive
Content-Type: application/font-woff

widget.poste.it/fonts/Texta-Regular.woff

62.241.5.94

200 OK

32 kB

URL HTTP/1.1
widget.poste.it/fonts/Texta-Regular.woff
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Size
32 kB (32376 bytes)
Hash
8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2

HTTP Headers

POST /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=87
Connection: Keep-Alive
Content-Type: application/font-woff

t.dtscout.com/i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j=

141.101.120.11

200 OK

1.2 kB

URL HTTP/2
t.dtscout.com/i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j=
IP
141.101.120.11:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2077)
Size
1.2 kB (1172 bytes)
Hash
d1e1b961609e5292ec3fa5d5480133a4
fb17d4bccd62c6564c147df2f030ed8699600798
483bc4354d594749d59c03ba1ff93d61ec76ce97fd36ea679bb381c36a07e679

HTTP Headers

GET /i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:33:06 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Thu, 08-Dec-2022 15:56:26 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Thu, 08-Dec-2022 18:33:06 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1670509986; Domain=dtscout.com; Expires=Sat, 18-Mar-2023 14:33:06 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 4.702
expires: Thu, 08 Dec 2022 14:33:05 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCbbad8e1CYsyfViqhOA17isMqUNL4J%2BFo6ruQOWLpWKiSOh%2FRPEJmF68G8cvBP0juQs2h37SsQnW8vOR6ZzQ%2Bo4671FYaL4HuVbRWCQgt4inLD8mMxUm4IPesnfuSg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776636d37a7d0a41-ARN
content-encoding: br
X-Firefox-Spdy: h2

widget.poste.it/css/chat_custom.css

62.241.5.94

200 OK

1.8 kB

URL HTTP/1.1
widget.poste.it/css/chat_custom.css
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
ASCII text, with CRLF line terminators
Size
1.8 kB (1813 bytes)
Hash
b5630f2b6ef609755051582891d6f95f
ff9df70fc8ca0653c0fade1e7e062813785d5cec
0c4b8459c2b949886ae64971a9d3f2555b680dd1c1fa36a0b42dbca2a21bd053

HTTP Headers

GET /css/chat_custom.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:03 GMT
ETag: "715-5ee8af13170c0"
Accept-Ranges: bytes
Content-Length: 1813
Access-Control-Allow-Origin: 
Keep-Alive: timeout=278, max=20
Connection: Keep-Alive
Content-Type: text/css

widget.poste.it/css/chat_common.css

62.241.5.94

200 OK

12 kB

URL HTTP/1.1
widget.poste.it/css/chat_common.css
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
ASCII text, with CRLF line terminators
Size
12 kB (11516 bytes)
Hash
76f9060cb105221022b473277418b467
e2bfcc835a6c8bcf4ceb9e1da7b731591cf6b723
b6343a0f5e0b6b1955a69ca6fb1ef749bbeb18c633e08cff39689d773a0fa53f

HTTP Headers

GET /css/chat_common.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "2cfc-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 11516
Access-Control-Allow-Origin: 
Keep-Alive: timeout=278, max=86
Connection: Keep-Alive
Content-Type: text/css

widget.poste.it/css/widgets.min.css

62.241.5.94

200 OK

118 kB

URL HTTP/1.1
widget.poste.it/css/widgets.min.css
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
ASCII text, with very long lines (64898), with CRLF line terminators
Size
118 kB (118490 bytes)
Hash
8a02a55585ef2630988a32645ce68be2
00d11de0e5150cf3d35629f2bc52af00bfce4ee0
f0cf34169482d5d1aa31c2910fea9ad33979b7bf52a1202ab83d3de29843d8a3

HTTP Headers

GET /css/widgets.min.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1ceda-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 118490
Access-Control-Allow-Origin: 
Keep-Alive: timeout=278, max=19
Connection: Keep-Alive
Content-Type: text/css

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
041ee7bbd80e836023d3c1109d2979de
0bbaad731238f365695a432792b4c6b6199a830c
fcc16dfe49146995d9828166eb169a90664dedee131e3f01c2576a8160ea908d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:33:45 GMT
Expires: Wed, 14 Dec 2022 23:33:44 GMT
Etag: "0bbaad731238f365695a432792b4c6b6199a830c"
Cache-Control: max-age=550235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776636e0f9a01c06-OSL

widget.poste.it/js/lib/widgets.min.js

62.241.5.94

200 OK

839 kB

URL HTTP/1.1
widget.poste.it/js/lib/widgets.min.js
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
ASCII text, with very long lines (64898), with CRLF line terminators
Size
839 kB (839332 bytes)
Hash
82374b6c20855319bda55472e83e82b4
9067439be48ff638c5ff5ef790ce12bc08b21414
18fc4c844d845b1c289d1d1d324ff6e7abf51785619c9a60d9e245b2100c256a

HTTP Headers

GET /js/lib/widgets.min.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "ccea4-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 839332
Access-Control-Allow-Origin: 
Keep-Alive: timeout=278, max=17
Connection: Keep-Alive
Content-Type: application/javascript

widget.poste.it/img/button_openChat.png

62.241.5.94

200 OK

20 kB

URL HTTP/1.1
widget.poste.it/img/button_openChat.png
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20107 bytes)
Hash
7305cd2f12691ddda291fb1b21bd4347
5b3f944fc435c3ad74f138942aaf50ff159cbee0
25fbb9e5014408868cbd5d87ac48192ddddcb3b32ca3cdfb8e3efa0ebba2e251

HTTP Headers

GET /img/button_openChat.png HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.poste.it/css/chat_custom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:08 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "4e8b-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 20107
Access-Control-Allow-Origin: 
Keep-Alive: timeout=278, max=82
Connection: Keep-Alive
Content-Type: image/png

widget.poste.it/fonts/Texta-Regular.woff

62.241.5.94

200 OK

32 kB

URL HTTP/1.1
widget.poste.it/fonts/Texta-Regular.woff
IP
62.241.5.94:0
ASN
#15720 Poste Italiane S.p.A.

File type
Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Size
32 kB (32376 bytes)
Hash
8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2

HTTP Headers

GET /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: https://widget.poste.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:08 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=12
Connection: Keep-Alive
Content-Type: application/font-woff

ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

de.tynt.com/deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r=

67.202.105.32

200 OK

4 B

URL HTTP/2
de.tynt.com/deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r=
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

HTTP Headers

GET /deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 09 Dec 2022 14:33:08 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 08 Dec 2022 14:33:08 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

cdn.tynt.com/tc.js

172.64.151.83

200 OK

0 B

URL HTTP/2
cdn.tynt.com/tc.js
IP
172.64.151.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:33:08 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 169624
expires: Sun, 11 Dec 2022 14:33:08 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 776636e28d5d1c12-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (49)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations