r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16837
Expires: Thu, 08 Dec 2022 19:13:37 GMT
Date: Thu, 08 Dec 2022 14:33:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Thu, 08 Dec 2022 15:31:23 GMT
Date: Thu, 08 Dec 2022 14:33:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4180
Expires: Thu, 08 Dec 2022 15:42:40 GMT
Date: Thu, 08 Dec 2022 14:33:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 14:08:13 GMT
content-type: application/json
age: 1487
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: obgkVwKx49c4Tw+gs17Dq+fM3/YEFF3UWRfLxep6Lr6ERCZblWdseu0NKhEe6e9jmdbDqYlk/OM=
x-amz-request-id: WVYGRGFGQD6MTB9Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 13:47:56 GMT
age: 2704
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 14:33:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 14:07:58 GMT
age: 1502
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1840
Cache-Control: max-age=155071
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:33:01 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:37:32 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.13.173.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MlMEOv39kfl1cwpdsOtWxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 29oRybv7oZH9YIKUV4JVIXI9x7k=
assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js
23.38.200.237200 OK 70 kB URL HTTP/2 assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32715)
Hash 90d68cc6ff01ebc2d7aafe6cdd835441
ae0533cab4a8a742f8708dbf658e377f350637a2
12911addf568eef0e482edb529414db1e74c202c97f0656d6aa5212ebe00365a
GET /launch-EN592261e36dc14b10a9936e854a4b30db.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "6148b6cd417bc890b625627a4c69c173:1670422306.891072"
last-modified: Wed, 07 Dec 2022 14:11:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 69487
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:01 GMT
date: Thu, 08 Dec 2022 14:33:01 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
b1.54-238-172-83.cprapid.com/
54.238.172.83200 OK 29 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash e5a0d84bfe06ceae824fcaac7e87d3e7
24ea14ed8eec8da6d521fd4bd5ae3e1c7ea8b191
ab920cb0aa918222337d3a5c000c19d37cb5fee90c57863f6c95332f2f98220d
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET / HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:00 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
waust.at/d.js
104.26.4.7200 OK 7.6 kB IP 104.26.4.7:0
File type ASCII text, with very long lines (14706), with no line terminators
Hash e23c073a2e43c9ae75c8f1663778db21
c04fe83eb4953920b1fe567f54e44e5ca5a15777
9c896e04f689d594d35c2d0319598ccbf9e618296bdd63e5d4063a7702d0230b
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 01 Dec 2022 21:21:07 GMT
etag: W/"63891ac3-3972"
expires: Fri, 09 Dec 2022 14:27:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 352
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=789SyZoe6SKz89mQ4c%2Bhspdn0iprF6tkoExa3bKYwxyAEK%2BwoWj1FiidbmtmM4cIbdbtPaTzZFSA41i6S1jPPV%2BLBXt6JFYF2sYCuFOinMiwZUXysBif%2F5Pu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776636b9dbfa1bfa-OSL
alt-svc: h2=":443"; ma=60
www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png
13.107.246.53200 OK 4.0 kB URL HTTP/2 www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 158 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 342591a0ea31e0fbe1e856d20e2c60dc
622e857e83951258f5ac71c4e51a8af9fc8df257
72464ecfdcec15e6f0e76157f45936021dc706b262b6d3ab7115ee92d47d73cc
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 3981
content-type: image/png
expires: Thu, 08 Dec 2022 15:33:01 GMT
last-modified: Tue, 12 Jul 2022 08:10:12 GMT
accept-ranges: bytes
etag: "62cd2c64-f8d"
x-cache: CONFIG_NOCACHE
x-azure-ref: 0nfWRYwAAAACCzyeqecbVQpmcDmv7mn9qU1ZHMjBFREdFMDUwOABiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Thu, 08 Dec 2022 14:33:01 GMT
X-Firefox-Spdy: h2
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/start-script.js
54.238.172.83200 OK 23 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/start-script.js
IP 54.238.172.83:0
File type Unicode text, UTF-8 text, with very long lines (306)
Hash ed56f6a18269e8a0626db5de25f3f657
c850fa6c06893edb1926db33bf7d13971f6e2ad5
4d43fc9cc16f5907f1a85777ae1e40d4e520a10302c424c505325723b64ea160
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/start-script.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:46 GMT
Accept-Ranges: bytes
Content-Length: 22866
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.poste.it/bowser.js
13.107.246.53200 OK 17 kB IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 971b649748eb819a7f4c8cdc4805376c
f520540daa055e999dd6599e6e7e9f977899a8f6
61e2728bce5b153ccca7fd7ffe0a98a29dbfb0218300a39dd0cf0535635683f2
GET /bowser.js HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 16647
content-type: application/javascript
expires: Thu, 08 Dec 2022 15:33:01 GMT
last-modified: Wed, 20 Oct 2021 13:58:32 GMT
accept-ranges: bytes
etag: "61702088-4107"
x-cache: CONFIG_NOCACHE
x-azure-ref: 0nfWRYwAAAACXDiSnfzW3RYFLB8ITwPFTU1ZHMjBFREdFMDUwOABiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Thu, 08 Dec 2022 14:33:01 GMT
X-Firefox-Spdy: h2
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/retina.css
54.238.172.83200 OK 115 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/retina.css
IP 54.238.172.83:0
Hash ee5d2b27eb8a486f46909f007cd2c3bc
f1b58d02621607b7cbe1c775a5c04572fd2859ce
63ae9fac5779ea8db4b2bf9adebfb54f5651b105e4a935b3f4c42308e3ab8557
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/retina.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 23:21:36 GMT
Accept-Ranges: bytes
Content-Length: 115
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/utilita.js
54.238.172.83200 OK 14 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/utilita.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (534)
Hash 15e270138da3a46ed6a82f192fa0cf5c
86f7a03b47e1d63a8b5aecdb15be546aa7ec057a
ca9c7a3760bf9bf10d8386938fdce15b4327a4158bd836a446c2d4af3aa2d88d
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/utilita.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:26:04 GMT
Accept-Ranges: bytes
Content-Length: 13994
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/megamenu-pi.css
54.238.172.83200 OK 26 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/megamenu-pi.css
IP 54.238.172.83:0
Hash 91a45dd5d6409bb0a5db3104a2f6c543
933b6e5b6acac709ff1e36d52135bf819df48507
89c0e53575ae03072f5b2a9d587c1611bad7a22090382318c391756dcf6e812c
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/megamenu-pi.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:02 GMT
Accept-Ranges: bytes
Content-Length: 26357
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/poste-it.js
54.238.172.83200 OK 5.6 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/poste-it.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (326)
Hash 11ed8d787ab28bb7faad321627cbf050
a82e0d6e34c4c166a1d0eb05907cbca2db830886
ee466faaa33a9e0c8786659f3a54c09fb056815dac6059867937a31797fa7929
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/poste-it.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:40 GMT
Accept-Ranges: bytes
Content-Length: 5588
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js
54.238.172.83200 OK 7.5 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js
IP 54.238.172.83:0
Hash 1019dc04b5f21a58f899ef6a5c0391d3
b39e7c8581a6b06a46911b64dbd1e81472971b62
e40c7597c5edee3bddede5398bfa7a3a25acd5e081138da68da133eb4ea8b822
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/scroll-pi.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:42 GMT
Accept-Ranges: bytes
Content-Length: 7538
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Thu, 08 Dec 2022 15:42:58 GMT
Date: Thu, 08 Dec 2022 14:33:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 53983
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 58300
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 02299a39-6804-49ae-b415-313b6e06b2ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfj24G39oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63894cf8-5f578e3f211063bd125b645a;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 00:55:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EmQGdW6eDQGTNSY5o0bGb7rS5i9FBeV29pEQMPui8P9XOpgZHW8leA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:58:23 GMT
age: 59679
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 55217
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 20694
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 54987
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/css/bootstrap.min.css
54.238.172.83200 OK 122 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/css/bootstrap.min.css
IP 54.238.172.83:0
File type ASCII text, with very long lines (64985)
Size 122 kB (122291 bytes)
Hash 6181a38a601eb664522623bae7db95c9
9671b5fc92e27a915769b59bc60bf26fde343d7e
8b922a249c9f81562d99eee24407bf38c7feac74a10dfe712292c0b032144dfa
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:01 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:50 GMT
Accept-Ranges: bytes
Content-Length: 122291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js
54.238.172.83200 OK 8.9 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js
IP 54.238.172.83:0
File type exported SGML document, ASCII text, with very long lines (8423)
Hash 0cef027039bf8251fa53f22336981780
02f550f2117d54683191a964e0b54f3c253bb1b3
ce237a2bc80dd06901d9d66d3d6fd1a634157389d2daeabb377caab879ce3a02
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/jquery.hc-sticky.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:32 GMT
Accept-Ranges: bytes
Content-Length: 8885
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js
54.238.172.83200 OK 7.8 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (7687)
Hash 74ee4c679b03074b55a1da9bbbe29cf5
745701d8ab39733f989313a5747c54cf3248eb5b
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/jquery.mobile.custom.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:36 GMT
Accept-Ranges: bytes
Content-Length: 7784
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/slick.min.js
54.238.172.83200 OK 42 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/slick.min.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (32076)
Hash 14c2e83236ae603c42164f30103634c6
1b2bad348d7fb92022c2218882242ee6223b46b6
6fa18ab0db86897ea250d65eda6233b1533fdf7f94c9d44a6af2ee16af8242ab
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/slick.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:44 GMT
Accept-Ranges: bytes
Content-Length: 41953
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js
54.238.172.83200 OK 6.8 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (338)
Hash 0db4764d4e4e66899267d79703fe99ce
816c19ddfe3088858714d0ba55a646f5df09321a
aa3b054914a360287080d0bf7946f5fc59aab7ed99e2299ba2fc94c16f29f075
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:02 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:48 GMT
Accept-Ranges: bytes
Content-Length: 6831
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js
54.238.172.83200 OK 3.0 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js
IP 54.238.172.83:0
Hash 9aa07ea97efef38c156c5065ec6b040e
3d25ced0d2bbac415a0f583f54bc270b7b051a45
9bdd42402354335825af6f1b45bb83f645c16199d4bc7ee5f428efb3dbfef811
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/applicazioni/trasversali/javascript/utilita-app.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:52 GMT
Accept-Ranges: bytes
Content-Length: 2983
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js
54.238.172.83200 OK 3.8 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js
IP 54.238.172.83:0
File type ASCII text, with CRLF line terminators
Hash fec7eb85618cb63c3fb5b3efee61d2b2
9c120ed394fa9ddf75062361fc00c073d3ace5aa
12359170db0ece19b214a4f15092e82199ca7b179bc8ef4ffa722918f4623b46
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /jod-fcc/posteID/x-jod-poste-id.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:43:24 GMT
Accept-Ranges: bytes
Content-Length: 3812
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js
54.238.172.83200 OK 14 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js
IP 54.238.172.83:0
File type ASCII text, with CRLF line terminators
Hash f47c9a2aad50eddc384597280522f86a
73500eb3a7b9c96d0b6f075bc7a742dfe014a2a1
138143108101149f64bcda5fe38cdd2f3f2139cc957b45949e71fac33ea94482
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /jod-fcc/resources/portal/js-rsa-2/hashtable.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:12 GMT
Accept-Ranges: bytes
Content-Length: 14081
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css
54.238.172.83200 OK 18 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css
IP 54.238.172.83:0
File type ASCII text, with very long lines (376)
Hash eb65c2ea5d0082591243aee8425d4eff
a5adf6ce96c015f865a93d54b930cdfd5c6c669a
2213c377877c722511173afad5794c4ca2fce629c79d26a4df200fc4ab3f06f3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/applicazioni/trasversali/stili/custom-form-element.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:00 GMT
Accept-Ranges: bytes
Content-Length: 18280
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js
54.238.172.83200 OK 39 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (2059), with CRLF line terminators
Hash 5791e2f173300646df45d5698867dc27
b28280fcfccd6891e88d912834062ee18e9f7333
a8e90848cdc80b7134da128a50574ec9f913f947ce72a769d392177eb8647377
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /jod-fcc/resources/portal/js-rsa-2/rsa.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:20 GMT
Accept-Ranges: bytes
Content-Length: 39372
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js
54.238.172.83200 OK 2.9 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (597), with CRLF line terminators
Hash 03aea05809bf32353408cb78cdf40f08
5bfe199b18c64b584d8bc98308c769c8e32b331a
9b8d058f857c6ca7f7d4c0ef2e800c6884d6a89bb52cb294774505d1d3c7283b
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:16 GMT
Accept-Ranges: bytes
Content-Length: 2915
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/owl.carousel.css
54.238.172.83200 OK 4.6 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/owl.carousel.css
IP 54.238.172.83:0
Hash b51416af9e8adbe3d16f5f2526aba221
097c8d67412f44534449ed4cadc6dd22b025801d
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/owl.carousel.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:04 GMT
Accept-Ranges: bytes
Content-Length: 4614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js
54.238.172.83200 OK 97 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js
IP 54.238.172.83:0
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/jquery.min.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:34 GMT
Accept-Ranges: bytes
Content-Length: 97163
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
54.238.172.83200 OK 416 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
IP 54.238.172.83:0
Hash a00dda3f91b12b16ef9736f89c1d5042
0ad4a038ed350f7a4bbb738849f876eeced6c1d3
0da7a1b970b5c8e4c5f781761450c034462288a375d5c189f7e90027207f3524
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/base.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:01:22 GMT
Accept-Ranges: bytes
Content-Length: 416
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js
54.238.172.83200 OK 694 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js
IP 54.238.172.83:0
Hash b5a0dd7ce1f7c1c6b80b5abe13308dd2
6cc4835430ac4ba8845fd02efdb5688166a5ed8a
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:00 GMT
Accept-Ranges: bytes
Content-Length: 694
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js
54.238.172.83200 OK 69 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js
IP 54.238.172.83:0
Hash e3676b6eb90f0f6739c89d56a3efa245
83188f24cfbd8e33b69b23139202c0cf2f390063
31d80f65a2c078aa3ca5051504f29d8986df61f04bc998036527374eef1c286b
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/bootstrap/js/bootstrap.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:58 GMT
Accept-Ranges: bytes
Content-Length: 69214
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/spaces.css
54.238.172.83200 OK 30 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/spaces.css
IP 54.238.172.83:0
Hash a0339ef2039b90034b16e341e508b5e8
dab67a84e5a8228a6f9ed90f05b8a7b983912b3c
9fb634a5bbfbee4fc2503595fa18a98142ca8cf0bb29984d065edfeef0006bdd
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/spaces.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:08 GMT
Accept-Ranges: bytes
Content-Length: 29954
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
54.238.172.83200 OK 4.5 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
IP 54.238.172.83:0
Hash c26ff7c37210341d690599a8a2310737
3127758f8fcf89472099f6963b90464cbe3b01b9
f4e596fd7ef88f965cc4df8dd6895f65cbdb0d2f49e58bfc5c4832675318ddc0
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/fonts.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:10:22 GMT
Accept-Ranges: bytes
Content-Length: 4511
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/typography.css
54.238.172.83200 OK 5.1 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/typography.css
IP 54.238.172.83:0
File type assembler source, ASCII text
Hash 9bc1f2ccabef97230a29e52bb7d71e2e
c2cc92960a2674ffa0c8d32b2133e596b3613630
2a96cd832563fdde56f4c71a663dd68bd9202eeed6a4c2c525e3275e4e68be06
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/typography.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:03 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:10 GMT
Accept-Ranges: bytes
Content-Length: 5123
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/extra.css
54.238.172.83200 OK 5.0 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/extra.css
IP 54.238.172.83:0
Hash 6845e4602367a2454bf3a8aa15d014a6
841e011124cb8f568f3c2d8bfcb3013ea6f042fd
dc4a581b65b22475fbb99580954525d488986dc35b37b19310d30a0598a32fde
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/extra.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:58 GMT
Accept-Ranges: bytes
Content-Length: 4991
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/alignment.css
54.238.172.83200 OK 2.7 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/alignment.css
IP 54.238.172.83:0
File type assembler source, ASCII text
Hash 2b774691bee7183287e841ed3287c1c1
bb03284b1ee77d718adee2286f8ce20e42f0e9c6
8d4821ff1de6348bb012672849a8205eb9833edde9b1e417f2fa5365261c08bf
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/alignment.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:50 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js
54.238.172.83200 OK 14 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js
IP 54.238.172.83:0
Hash 250bfa1bdb9cc3ed6b8a48a5f2281784
092938daea2f1352513f18a21e27d4a9860bc31f
c5d5b2ba0288caa7178d3999dd5478ab6c9d2f6528ee421fa0af724cb8c94035
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/javascript/megamenu-pi.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:38 GMT
Accept-Ranges: bytes
Content-Length: 14476
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
54.238.172.83200 OK 214 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
IP 54.238.172.83:0
Size 214 kB (213450 bytes)
Hash f938de6880813c3c7b2a30b28a6c0da8
19d93950a34345d83dfc8096214d6082c2d6706a
1f615511776a12840fb4cccea90ef49bc3c6bc0d430932bd6f219e82e13c025b
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/base-element.css HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:04 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:01:52 GMT
Accept-Ranges: bytes
Content-Length: 213450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32717)
Hash 9edbefe8919a34cc9ec5343e49caf90d
9e8f2b92a35df8e01814e558d10248a928ea2504
c276e66ee697edfb8fbe70a13d6cb8498b21fb998d10d6faaf3999f34f5525cc
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12384
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
cache-control: no-cache
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3138)
Hash dbb5211703cf7696d634360cc8874fa7
9231e7ebe8096b629c9ac522e41f8c2a8013db99
535a218392da01549f9fd640908f59c213e809c2db778c36094e3a84959106df
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1598
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
cache-control: no-cache
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/small-modal-ico-bp-pp.png
54.238.172.83200 OK 13 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/small-modal-ico-bp-pp.png
IP 54.238.172.83:0
File type PNG image data, 132 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash 22e37aed1a37a4d10a2c011e969a1337
05d054f563899fffd3ffd4f5cba486c5273d17d9
d4a66d846de1a39c49b3d03f1c4c4d21cd9f5436f362b7a72fd2eb773f6cfaca
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt_ext/icone/small-modal-ico-bp-pp.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:20 GMT
Accept-Ranges: bytes
Content-Length: 12995
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-bp.png
54.238.172.83200 OK 3.5 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-bp.png
IP 54.238.172.83:0
File type PNG image data, 45 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d96bc9b08477815ed8655ced98af0ac
04b6fa972775456746a7cfeba72f3878cf904183
d7f9c88c4f19de13e5ef1040c08cd72970808301de221e2ea7acfc71bf802cc1
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt_ext/icone/ico-bp.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:12 GMT
Accept-Ranges: bytes
Content-Length: 3511
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /.jod-fcc/qrr.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-pp.png
54.238.172.83200 OK 3.0 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/ico-pp.png
IP 54.238.172.83:0
File type PNG image data, 45 x 44, 8-bit/color RGB, non-interlaced\012- data
Hash b58f05ef3e25628af63aca1f633afef2
ed29c9437597aed2c13291305a262d03684d8910
068347897472440f46e706b2d61c77ec861e2facb34b567e2e2c851ae1bc4dea
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt_ext/icone/ico-pp.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:16 GMT
Accept-Ranges: bytes
Content-Length: 2957
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js
23.38.200.237200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3366)
Hash 098b6403c55675ec04c839dc51d1a248
ed277b7e4de2f9d48261cde8692dacf2d3a5e215
2d3d458db2ec2e72632654a5dfead492d07ebef0ed8e34ca3c01560fd8844b0c
GET /4d622ce80bd2/66013fe91d66/6de93c1092bc/RCce78d2ba79364101b982bf481cca240c-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "372bbd46f902d47edb073f81f931af4e:1670422307.780628"
last-modified: Wed, 07 Dec 2022 14:11:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1103
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js
23.38.200.237200 OK 1.2 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (2795)
Hash c3a2b0fabcac4486e78ce7b0eda24501
3279004718359ac8b0da9db206030e1a8ef4dc0a
02346a05f82af2895882a65f8d00bdaf5defdbdb3727ee61d142edc26cf3f83a
GET /4d622ce80bd2/66013fe91d66/6de93c1092bc/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "372bbd46f902d47edb073f81f931af4e:1670422307.780628"
last-modified: Wed, 07 Dec 2022 14:11:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1210
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js
23.38.200.237200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js
IP 23.38.200.237:0
File type HTML document, ASCII text, with very long lines (3225)
Hash e9a24cdaa8c4f58aafc184dc12662897
4bdfddafb98bce9619c68e2308c07f04a34bfe46
61199b090ef23337435d241c48d5b8f29a0bda356337edf69ff1ab68d1b2e14e
GET /4d622ce80bd2/66013fe91d66/6de93c1092bc/RCace12870bc974581b26b193857913875-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "372bbd46f902d47edb073f81f931af4e:1670422307.780628"
last-modified: Wed, 07 Dec 2022 14:11:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1072
cache-control: max-age=3600
expires: Thu, 08 Dec 2022 15:33:05 GMT
date: Thu, 08 Dec 2022 14:33:05 GMT
access-control-allow-origin: http://b1.54-238-172-83.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP 142.250.74.131:0
Hash 0574554eeced9a54b5af9af033c7a085
0535f701d8d4823e26cf8d5d19859b5ec43d5fb8
29688d8cf321fca783808603849bfd935529be2ce66fb62b65b4aff6d6defe90
POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:33:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/empty-profile.png
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/.jod-fcc/qrr.png
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /.jod-fcc/qrr.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/bg-qrcode.png
54.238.172.83200 OK 5.3 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt_ext/icone/bg-qrcode.png
IP 54.238.172.83:0
File type PNG image data, 624 x 210, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ed242012ee510aca41b30408eb02cc7
957fd32bcb5bc79b1f6e7795e2c6a6444dc462f0
bf6bcbcf84ff0f18c4110fa868c29ff14aef2458be49afd0ffe37e5f9cd74950
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt_ext/icone/bg-qrcode.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:04 GMT
Accept-Ranges: bytes
Content-Length: 5348
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/immagini/eye.png
54.238.172.83200 OK 645 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/applicazioni/trasversali/immagini/eye.png
IP 54.238.172.83:0
File type PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dfd11f759177ca66df6bfb649fa131c
8151b051d99d5988a9761adcc40089bfb20f5576
5931ba755c44c364f074f95a904536fb4076da4e44c811a1934c5fff735c39c4
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/applicazioni/trasversali/immagini/eye.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:32 GMT
Accept-Ranges: bytes
Content-Length: 645
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 80c581cd6bb967abe1fe51827007d04a
f53f99352bdf80126b9703287ea70c91465445e6
3879dfa691b7c1214faab89d35ba9eb903bece733497b1180410fced5292fbed
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 12 Dec 2022 13:35:38 GMT
ETag: "f53f99352bdf80126b9703287ea70c91465445e6"
Last-Modified: Thu, 08 Dec 2022 13:35:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776636d3fcb8b50b-OSL
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff
54.238.172.83200 OK 32 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff
IP 54.238.172.83:0
File type Web Open Font Format, TrueType, length 32412, version 1.0\012- data
Hash e49b4a99e99a162382c9135468cdff61
6fe7b52d7195d20e9d8ad05d4068dd87ddaeff76
0fa4aee030662ed700dc5cb2e13e52b85fb1254a195d9ab0a1a10d79e645c8f8
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:53:54 GMT
Accept-Ranges: bytes
Content-Length: 32412
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
54.238.172.83200 OK 34 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
IP 54.238.172.83:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 442d51dab3205cf4c81de67e4bafdbda
52726f8f87116bd1fd03e9d99c0bb22afd168937
ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/immagini/generiche/spinner_giallo.gif HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:50:40 GMT
Accept-Ranges: bytes
Content-Length: 33869
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png
54.238.172.83200 OK 7.3 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png
IP 54.238.172.83:0
File type PNG image data, 388 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f334889f79c8a60aca123b6f0e77cd6
b24faf71ad0f3fdb6228e8c101190aafa12b9216
f73f55b1729c6267bf5137b3de7a4e3a842780a87d7a918e878ff63437bb6a87
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 02:33:04 GMT
Accept-Ranges: bytes
Content-Length: 7296
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff
54.238.172.83200 OK 32 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff
IP 54.238.172.83:0
File type Web Open Font Format, TrueType, length 31976, version 1.0\012- data
Hash dcdd69e7910e57b0adc381e0fcf93e3e
21fd668706b3cd97f1b5df0c61ac4b05ab0bdf29
e3e914fafd966522cc6e0db2355a72202ece3052e768b0e34d05bdc4d26bf489
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:02 GMT
Accept-Ranges: bytes
Content-Length: 31976
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff
54.238.172.83200 OK 32 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff
IP 54.238.172.83:0
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:16 GMT
Accept-Ranges: bytes
Content-Length: 32376
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff
54.238.172.83200 OK 33 kB URL HTTP/1.1 b1.54-238-172-83.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff
IP 54.238.172.83:0
File type Web Open Font Format, TrueType, length 32756, version 1.0\012- data
Hash ddcb123ab58089ce07fa2d0e767decc4
b6bdcb18d6e6c3a28a40a041324001c794375c85
98a9f23066501d2b1676f72a2feb355caa114d4dffce7bae927083af92ccd6c9
Analyzer Verdict Alert openphish Poste Italiane S.p.A
fortinet Phishing
GET /risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:05 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:10 GMT
Accept-Ranges: bytes
Content-Length: 32756
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
widget.poste.it/js/custom.js
62.241.5.94200 OK 31 kB URL HTTP/1.1 widget.poste.it/js/custom.js
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type HTML document, Unicode text, UTF-8 text, with very long lines (306)
Hash e84988c180eec87621660bfd18da9af3
043326fe6385ac741d5c44f765dbe5bc9490d83d
05f5bac65a4da7b2658711f9ca44cfa9d17311287dad65f928c0922b4b8f16c2
GET /js/custom.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:05 GMT
ETag: "7808-5ee8af14ff540"
Accept-Ranges: bytes
Content-Length: 30728
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=54
Connection: Keep-Alive
Content-Type: application/javascript
posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
15.188.95.229302 Found 0 B URL HTTP/1.1 posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: posteitalianespa.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 08 Dec 2022 14:33:06 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 07 Dec 2022 14:33:06 GMT
last-modified: Fri, 09 Dec 2022 14:33:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_oplkzx7Eoo1pizmx7Ess1oplkz1vkx7Esvx7Eqz=[CS]v4|0-0|6391F5A2[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Sat, 07 Dec 2024 14:33:33 GMT; SameSite=None;
location: http://posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
15.188.95.229200 OK 43 B URL HTTP/1.1 posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s67404672634570?AQB=1&pccr=true&ndh=1&pf=1&t=8%2F11%2F2022%2014%3A33%3A5%204%200&fid=6EBF899216286540-012E6139B2D1D69C&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b1.54-238-172-83.cprapid.com%2F&c2=b1.54-238-172-83.cprapid.com%2F&v2=b1.54-238-172-83.cprapid.com%2F&v32=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&v46=DEFAULT&v198=2022-12-07T14%3A10%3A18Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: posteitalianespa.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://b1.54-238-172-83.cprapid.com/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Thu, 08 Dec 2022 14:33:06 GMT
expires: Wed, 07 Dec 2022 14:33:06 GMT
last-modified: Fri, 09 Dec 2022 14:33:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_oplkzx7Eoo1pizmx7Ess1oplkz1vkx7Esvx7Eqz=[CS]v4|6EBF899216286540-12E6139B2D1D69C|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Sat, 07 Dec 2024 14:33:33 GMT; SameSite=None;
etag: 3587392878875017216-4619726265136862440
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
widget.poste.it/json/widgetLabels.json
62.241.5.94200 OK 7.1 kB URL HTTP/1.1 widget.poste.it/json/widgetLabels.json
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash f6bcc872c62240d4339b14acdb952341
2a14c8c5c5513ba23351a67ae1a6f23f95626a23
5dee78278049e1a73e771b2ea7b4d3cbf89f71a2e6c535e07e45ff392cb89fa4
POST /json/widgetLabels.json HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1bd5-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 7125
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=30
Connection: Keep-Alive
Content-Type: application/json
b1.54-238-172-83.cprapid.com/favicon.ico
54.238.172.83404 Not Found 315 B URL HTTP/1.1 b1.54-238-172-83.cprapid.com/favicon.ico
IP 54.238.172.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Poste Italiane S.p.A
GET /favicon.ico HTTP/1.1
Host: b1.54-238-172-83.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Cookie: PHPSESSID=5a58b11ca627af0a227c35fd4df3ce1a; s_fid=6EBF899216286540-012E6139B2D1D69C; s_cc=true
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 14:33:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6843a440973513608762559abd15fa3c
eb957b6b49adfe3db485cc714d506b630a01903a
70cdcf6f80d32a1f105fc1bd33cf5419f9e7d1368fa5d5703b86e65de417d23c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 21:46:11 GMT
Expires: Wed, 14 Dec 2022 21:46:10 GMT
Etag: "eb957b6b49adfe3db485cc714d506b630a01903a"
Cache-Control: max-age=543783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776636d9aae51c06-OSL
api.ipify.org/
54.91.59.199200 OK 12 B IP 54.91.59.199:0
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET / HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Content-Type: text/plain
Vary: Origin
Date: Thu, 08 Dec 2022 14:33:07 GMT
Content-Length: 12
Via: 1.1 vegur
widget.poste.it/fonts/Texta-Black.woff
62.241.5.94200 OK 33 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Black.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 33140, version 1.0\012- data
Hash bb38c2004fb8284b41ab208428f57e57
eede479ce3535e6dd33934e677de0b7224ce31c4
3d4a9402bef6028217f3f4279e7f6c4bb9af9bfce7786eac52d3a5d0065a27af
POST /fonts/Texta-Black.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "8174-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 33140
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=26
Connection: Keep-Alive
Content-Type: application/font-woff
widget.poste.it/fonts/Texta-LightItalic.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-LightItalic.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32084, version 1.0\012- data
Hash 50ff911beaeaea06a186cbe72898ea42
610aa069b2987d6fbbf46c456f177ced1aa49a57
91509bd0e2ed20655b4cbbf585f5587a1a1cc282291dd56d7821881699757971
POST /fonts/Texta-LightItalic.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7d54-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32084
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=24
Connection: Keep-Alive
Content-Type: application/font-woff
widget.poste.it/fonts/Texta-Regular.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Regular.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
POST /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=87
Connection: Keep-Alive
Content-Type: application/font-woff
t.dtscout.com/i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j=
141.101.120.11200 OK 1.2 kB URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j=
IP 141.101.120.11:0
File type ASCII text, with very long lines (2077)
Hash d1e1b961609e5292ec3fa5d5480133a4
fb17d4bccd62c6564c147df2f030ed8699600798
483bc4354d594749d59c03ba1ff93d61ec76ce97fd36ea679bb381c36a07e679
GET /i/?l=http%3A%2F%2Fb1.54-238-172-83.cprapid.com%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:33:06 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Thu, 08-Dec-2022 15:56:26 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Thu, 08-Dec-2022 18:33:06 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1670509986; Domain=dtscout.com; Expires=Sat, 18-Mar-2023 14:33:06 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 4.702
expires: Thu, 08 Dec 2022 14:33:05 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCbbad8e1CYsyfViqhOA17isMqUNL4J%2BFo6ruQOWLpWKiSOh%2FRPEJmF68G8cvBP0juQs2h37SsQnW8vOR6ZzQ%2Bo4671FYaL4HuVbRWCQgt4inLD8mMxUm4IPesnfuSg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776636d37a7d0a41-ARN
content-encoding: br
X-Firefox-Spdy: h2
widget.poste.it/css/chat_custom.css
62.241.5.94200 OK 1.8 kB URL HTTP/1.1 widget.poste.it/css/chat_custom.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with CRLF line terminators
Hash b5630f2b6ef609755051582891d6f95f
ff9df70fc8ca0653c0fade1e7e062813785d5cec
0c4b8459c2b949886ae64971a9d3f2555b680dd1c1fa36a0b42dbca2a21bd053
GET /css/chat_custom.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:03 GMT
ETag: "715-5ee8af13170c0"
Accept-Ranges: bytes
Content-Length: 1813
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=20
Connection: Keep-Alive
Content-Type: text/css
widget.poste.it/css/chat_common.css
62.241.5.94200 OK 12 kB URL HTTP/1.1 widget.poste.it/css/chat_common.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with CRLF line terminators
Hash 76f9060cb105221022b473277418b467
e2bfcc835a6c8bcf4ceb9e1da7b731591cf6b723
b6343a0f5e0b6b1955a69ca6fb1ef749bbeb18c633e08cff39689d773a0fa53f
GET /css/chat_common.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "2cfc-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 11516
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=86
Connection: Keep-Alive
Content-Type: text/css
widget.poste.it/css/widgets.min.css
62.241.5.94200 OK 118 kB URL HTTP/1.1 widget.poste.it/css/widgets.min.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with very long lines (64898), with CRLF line terminators
Size 118 kB (118490 bytes)
Hash 8a02a55585ef2630988a32645ce68be2
00d11de0e5150cf3d35629f2bc52af00bfce4ee0
f0cf34169482d5d1aa31c2910fea9ad33979b7bf52a1202ab83d3de29843d8a3
GET /css/widgets.min.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1ceda-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 118490
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=19
Connection: Keep-Alive
Content-Type: text/css
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 041ee7bbd80e836023d3c1109d2979de
0bbaad731238f365695a432792b4c6b6199a830c
fcc16dfe49146995d9828166eb169a90664dedee131e3f01c2576a8160ea908d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:33:45 GMT
Expires: Wed, 14 Dec 2022 23:33:44 GMT
Etag: "0bbaad731238f365695a432792b4c6b6199a830c"
Cache-Control: max-age=550235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776636e0f9a01c06-OSL
widget.poste.it/js/lib/widgets.min.js
62.241.5.94200 OK 839 kB URL HTTP/1.1 widget.poste.it/js/lib/widgets.min.js
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with very long lines (64898), with CRLF line terminators
Size 839 kB (839332 bytes)
Hash 82374b6c20855319bda55472e83e82b4
9067439be48ff638c5ff5ef790ce12bc08b21414
18fc4c844d845b1c289d1d1d324ff6e7abf51785619c9a60d9e245b2100c256a
GET /js/lib/widgets.min.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:07 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "ccea4-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 839332
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=17
Connection: Keep-Alive
Content-Type: application/javascript
widget.poste.it/img/button_openChat.png
62.241.5.94200 OK 20 kB URL HTTP/1.1 widget.poste.it/img/button_openChat.png
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 7305cd2f12691ddda291fb1b21bd4347
5b3f944fc435c3ad74f138942aaf50ff159cbee0
25fbb9e5014408868cbd5d87ac48192ddddcb3b32ca3cdfb8e3efa0ebba2e251
GET /img/button_openChat.png HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.poste.it/css/chat_custom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:08 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "4e8b-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 20107
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=82
Connection: Keep-Alive
Content-Type: image/png
widget.poste.it/fonts/Texta-Regular.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Regular.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
GET /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://b1.54-238-172-83.cprapid.com
Connection: keep-alive
Referer: https://widget.poste.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:33:08 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: http://b1.54-238-172-83.cprapid.com
Keep-Alive: timeout=278, max=12
Connection: Keep-Alive
Content-Type: application/font-woff
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r=
67.202.105.32200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r=
IP 67.202.105.32:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!ur8gie9n2u&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 09 Dec 2022 14:33:08 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 08 Dec 2022 14:33:08 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ur8gie9n2u&lm=0&ts=1670509987606&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 08 Dec 2022 14:33:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
172.64.151.83200 OK 0 B IP 172.64.151.83:0
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://b1.54-238-172-83.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:33:08 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 169624
expires: Sun, 11 Dec 2022 14:33:08 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 776636e28d5d1c12-OSL
X-Firefox-Spdy: h2