Report - 188.219.128.165/sit/index.php

Report Overview

Submitted URL
188.219.128.165/sit/index.php
IP
188.219.128.165
ASN
#30722 Vodafone Italia S.p.A.
Submitted
2023-01-26 15:00:19
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.33.66.202
188.219.128.165	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	734 kB	188.219.128.165
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	61 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed
2023-01-26	medium	188.219.128.165	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	188.219.128.165/sit/index.php	368 B	2023-03-13	2024-01-05
Pretty URL 188.219.128.165/sit/index.php IP 188.219.128.165 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:33:04 Last Seen2024-01-05 12:52:09 Times Seen3 Hash a31cb309e92713e5e82281fd7c33a3bf 06230014feb1fc7763df3ae29394f56161aed6f4 d224e7f9bd20fdaa2d3afba514cddaa3c6c51cbd19a2b3a5ac1e93682085d872 Loading...

	188.219.128.165/sit/kendo/js/jquery.min.js	93 kB	2023-03-07	2024-04-19
Pretty URL 188.219.128.165/sit/kendo/js/jquery.min.js IP 188.219.128.165 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 19:16:40 Times Seen23220 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	188.219.128.165/sit/kendo/js/messages/kendo.messages.it-IT.min.js	8.3 kB	2023-03-09	2024-01-05
Pretty URL 188.219.128.165/sit/kendo/js/messages/kendo.messages.it-IT.min.js IP 188.219.128.165 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:38:33 Last Seen2024-01-05 12:52:10 Times Seen7 Hash 7e45e21572b9237532b1bb8fcb2caf05 b297b15c138f7faa5af821ad0bd011d26ccc5d30 2e0aa71f2b3c3e5637bc2c9da66081bcb6b7e7e6905c9ded6ed1892bb5763fd9 Loading...

	188.219.128.165/sit/kendo/js/kendo.all.min.js	2.1 MB	2023-03-13	2024-01-05
Pretty URL 188.219.128.165/sit/kendo/js/kendo.all.min.js IP 188.219.128.165 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:49:25 Last Seen2024-01-05 12:52:10 Times Seen7 Hash e404f9829830bae567d65247fd318123 9f975adf5c547df56a1264f09b0784efcd9011b4 ad63878035964c68b974d1718e61b55a9720e2e2bb52bca404c6b71a28a41aa8 Loading...

	188.219.128.165/sit/kendo/js/cultures/kendo.culture.it-IT.min.js	1.5 kB	2023-03-09	2024-01-05
Pretty URL 188.219.128.165/sit/kendo/js/cultures/kendo.culture.it-IT.min.js IP 188.219.128.165 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:38:34 Last Seen2024-01-05 12:52:10 Times Seen7 Hash 2a0abf72c00eff936ad91f00efb34038 2d306c7a10bd5aeba6ced3b38bbdc589241c3da8 f8205365a708202cb1349823c853654825019eb6d2860316c5b0e248ca7b4813 Loading...

	188.219.128.165/sit/index.php	3.2 kB	2023-03-13	2023-03-13
Pretty URL 188.219.128.165/sit/index.php IP 188.219.128.165 ASN #30722 Vodafone Italia S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:33:04 Last Seen2023-03-13 07:33:04 Times Seen1 Hash 1d9b0450ea844a45b287454f6023768e bc8c7bc4f9760497a9f26608dfd3dfe42dd95e80 913339b64ba8c613bb18330a0801be64389031453af5da789c50ec920a2adaa1 Loading...

HTTP Transactions (32)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6707
Expires: Thu, 26 Jan 2023 16:51:55 GMT
Date: Thu, 26 Jan 2023 15:00:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11752
Expires: Thu, 26 Jan 2023 18:16:00 GMT
Date: Thu, 26 Jan 2023 15:00:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2547
Expires: Thu, 26 Jan 2023 15:42:35 GMT
Date: Thu, 26 Jan 2023 15:00:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 14:35:16 GMT
content-type: application/json
age: 1492
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: r2+JW3ZYA66BYaYCIHKOgUUkdSGW15zEHAIq9QPj13P0MvtlNQkcA0yysx2FBlBBzHRjePpN9hvuz+n+xWqxtQ==
x-amz-request-id: 8Z7ASJ8AJ408NMHF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 14:49:00 GMT
age: 668
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 15:00:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5423
Expires: Thu, 26 Jan 2023 16:30:32 GMT
Date: Thu, 26 Jan 2023 15:00:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 14:49:01 GMT
age: 668
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.33.66.202

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.33.66.202:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: S85TjZUrYMu0/zCucU7QxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JvtlqUIe7X2uSWJR5FnkXsYkcWY=

188.219.128.165/sit/styles/stile_scoped.css

188.219.128.165

200 OK

2.3 kB

URL HTTP/1.1
188.219.128.165/sit/styles/stile_scoped.css
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
HTML document, ASCII text
Size
2.3 kB (2313 bytes)
Hash
ca67f08493d1280042dbe799235d91a4
a8895e8c1241cdaf1f4b472c7647506eeb019f1c
db5a7643a33ff046f3e50963e8b2f0c1e40491ef59d40973822db9f5a1c5138a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/styles/stile_scoped.css HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:54 GMT
Server: Apache
Last-Modified: Sat, 11 Feb 2017 20:38:15 GMT
ETag: "2e5b-548473190bbc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 2313
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

188.219.128.165/sit/styles/examples-offline.css

188.219.128.165

200 OK

1.6 kB

URL HTTP/1.1
188.219.128.165/sit/styles/examples-offline.css
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
ASCII text
Size
1.6 kB (1605 bytes)
Hash
806cbd8f1ddc549e5799e95f724ab619
378b6e68a0905e47ecf94cb76a8ff5ef7888f8c9
f4323ca06f486c7c138359e35a406800fc0051137c0e66f6920dce503127177a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/styles/examples-offline.css HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:54 GMT
Server: Apache
Last-Modified: Sat, 11 Feb 2017 20:36:17 GMT
ETag: "1410-548472a883240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1605
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

188.219.128.165/sit/kendo/js/jquery.min.js

188.219.128.165

200 OK

33 kB

URL HTTP/1.1
188.219.128.165/sit/kendo/js/jquery.min.js
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
ASCII text, with very long lines (32089)
Size
33 kB (32775 bytes)
Hash
fcf0a7201168a979dd4b222a54471e0f
9056c50ea859db10d2d959654d0f8dde367360ee
c40969745be3d2181fd5d40425f9080ac2c62e63d298c1de8bb4bbda5e4ea0f7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/kendo/js/jquery.min.js HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:54 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2015 10:24:20 GMT
ETag: "169d5-514da61cffd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 32775
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

188.219.128.165/sit/kendo/js/cultures/kendo.culture.it-IT.min.js

188.219.128.165

200 OK

780 B

URL HTTP/1.1
188.219.128.165/sit/kendo/js/cultures/kendo.culture.it-IT.min.js
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
Unicode text, UTF-8 text, with very long lines (1201)
Size
780 B (780 bytes)
Hash
e2117b2179244cbbc1987b8ace972cc8
efc8254a81c38ff979b7b127b76bd8997cf374f8
a54bb469158c977fe22a02c77ef7f40ff5fea6fc5ff62d6558d529d60d4c774c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/kendo/js/cultures/kendo.culture.it-IT.min.js HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:54 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2015 10:24:20 GMT
ETag: "605-514da61cffd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 780
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

188.219.128.165/sit/kendo/styles/kendo.common.min.css

188.219.128.165

200 OK

32 kB

URL HTTP/1.1
188.219.128.165/sit/kendo/styles/kendo.common.min.css
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
ASCII text, with very long lines (65203)
Size
32 kB (31931 bytes)
Hash
dc9bee9a7e5b192a510783ec58263e2d
139f9cc0b04b80bcd07b3eb908de9755939face1
50905748a16526e360ff5272434f6d3cde5439a6ffd67aac768d7ac7ceaa092a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/kendo/styles/kendo.common.min.css HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:54 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2015 10:24:20 GMT
ETag: "34236-514da61cffd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 31931
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

188.219.128.165/sit/index.php

188.219.128.165

200 OK

3.2 kB

URL HTTP/1.1
188.219.128.165/sit/index.php
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (438), with CRLF, LF line terminators
Size
3.2 kB (3166 bytes)
Hash
03f94c893b75ea436a3eac7076a319e3
96e862d2358360a09c9ca079630a8a37f59defd7
48b746da608c460088cbbc4b2202d811c5f27cae827d3fd1b1a71593984d8372

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/index.php HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:53 GMT
Server: Apache
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Set-Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 3166
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16872
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 15:00:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16872
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 15:00:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16872
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 15:00:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16872
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 15:00:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 61889
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9595 bytes)
Hash
f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:57:18 GMT
age: 61373
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12758 bytes)
Hash
7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:33:59 GMT
age: 26772
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10379 bytes)
Hash
653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMREwmIAMFhQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:41:09 GMT
age: 62342
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6609 bytes)
Hash
b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hUp-Y119Uly8FlGe1Wr8b-_pNoyg_iV-KaNaC7Fo44iN_sDU3BnCbA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:35:29 GMT
age: 26682
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9285 bytes)
Hash
17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 61663
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

188.219.128.165/sit/kendo/styles/kendo.blueopal.min.css

188.219.128.165

200 OK

7.2 kB

URL HTTP/1.1
188.219.128.165/sit/kendo/styles/kendo.blueopal.min.css
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
ASCII text, with very long lines (47644)
Size
7.2 kB (7176 bytes)
Hash
39e5c711a9ad611a930c29ad9147340d
89830808ab76bd58c607b8afbdcc7aaff9a9eef4
b627dc529b81ad78c5ee94329ce24037cb44ff798877819c9138b7beacd8a8d4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/kendo/styles/kendo.blueopal.min.css HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:54 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2015 10:24:20 GMT
ETag: "bb69-514da61cffd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 7176
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

188.219.128.165/sit/kendo/js/messages/kendo.messages.it-IT.min.js

188.219.128.165

200 OK

2.9 kB

URL HTTP/1.1
188.219.128.165/sit/kendo/js/messages/kendo.messages.it-IT.min.js
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
Unicode text, UTF-8 text, with very long lines (7963)
Size
2.9 kB (2862 bytes)
Hash
435dea648d7f4e18501246e9c2186533
4f39847adcbd9c47544691408f188b11c1bf7cf3
bf6f9801f981b86315aafb6cf970a5e4a6e916633a3dc5ef2b56ef0d3745089b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/kendo/js/messages/kendo.messages.it-IT.min.js HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:55 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2015 10:24:20 GMT
ETag: "2097-514da61cffd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 2862
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

188.219.128.165/sit/kendo/js/kendo.all.min.js

188.219.128.165

200 OK

623 kB

URL HTTP/1.1
188.219.128.165/sit/kendo/js/kendo.all.min.js
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
ASCII text, with very long lines (32138)
Size
623 kB (623302 bytes)
Hash
c1d2a50c6714cae38d98a17553ec6925
90b410bf5f478c335c206461213885d1d6fe21b3
d6b925793ca4223faeab52e0ed76e250478e15d1d012ac02ca3fcd8bfaa4e74a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/kendo/js/kendo.all.min.js HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:54 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2015 10:24:20 GMT
ETag: "1ffc43-514da61cffd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

188.219.128.165/sit/icons/spinner.gif

188.219.128.165

200 OK

19 kB

URL HTTP/1.1
188.219.128.165/sit/icons/spinner.gif
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
GIF image data, version 89a, 140 x 140\012- data
Size
19 kB (18689 bytes)
Hash
981f95e5e8204ee0413a23f7cef5deff
241837ba932feb6384f93748dbe14251df05357e
b761cc51e1a35a37ea7ba419fe2d55331e716f75290c7514ee4405f17c087aeb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/icons/spinner.gif HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:00:59 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2016 10:29:00 GMT
ETag: "4901-53b5b90be3300"
Accept-Ranges: bytes
Content-Length: 18689
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif

188.219.128.165/favicon.ico

188.219.128.165

404 Not Found

209 B

URL HTTP/1.1
188.219.128.165/favicon.ico
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
209 B (209 bytes)
Hash
18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 404 Not Found
Date: Thu, 26 Jan 2023 15:01:00 GMT
Server: Apache
Content-Length: 209
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

188.219.128.165/sit/img/sangro_logo.jpg

188.219.128.165

200 OK

4.8 kB

URL HTTP/1.1
188.219.128.165/sit/img/sangro_logo.jpg
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 96x91, components 3\012- data
Size
4.8 kB (4784 bytes)
Hash
237b00aa7bc3ec9f4969bf4c681e313e
2e356e41e398f688b8524246d9f75d7d789c9fb9
552375e85c47491ec06f78eb2479f7869df4101a24c92bc2e9965b444e9adcdf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/img/sangro_logo.jpg HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/index.php
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:01:00 GMT
Server: Apache
Last-Modified: Wed, 12 Apr 2017 13:26:24 GMT
ETag: "12b0-54cf827a0c000"
Accept-Ranges: bytes
Content-Length: 4784
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

188.219.128.165/sit/kendo/styles/BlueOpal/sprite.png

188.219.128.165

200 OK

0 B

URL HTTP/1.1
188.219.128.165/sit/kendo/styles/BlueOpal/sprite.png
IP
188.219.128.165:0
ASN
#30722 Vodafone Italia S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sit/kendo/styles/BlueOpal/sprite.png HTTP/1.1
Host: 188.219.128.165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.219.128.165/sit/kendo/styles/kendo.blueopal.min.css
Cookie: PHPSESSID=pkdtvc4k18pscj4g5vpmfnr7d3

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:01:00 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2015 10:24:20 GMT
ETag: "5b80-514da61cffd00"
Accept-Ranges: bytes
Content-Length: 23424
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (32)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type