Report - 80.88.88.181/index.php

Report Overview

Visited public
2023-12-04 12:00:06
Tags
URL
80.88.88.181/index.php
Finishing URL
80.88.88.181/index.php
IP / ASN
80.88.88.181
#31034 Aruba S.p.A.
Title
Home - Gps Viaggi

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
	unknown				4.0 kB	1.9 MB	80.88.88.181
maps.gstatic.com	unknown	2008-02-11	2016-01-11 17:55:17	2023-12-04 10:09:04	456 B	1.3 kB	142.250.74.3
80.88.88.181	unknown	unknown	No data	No data	22 kB	1.4 MB	80.88.88.181
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-04 07:58:24	893 B	150 kB	142.250.74.168
maps.googleapis.com	33876	2005-01-25	2019-10-17 17:56:16	2023-12-04 09:59:38	3.3 kB	244 kB	142.250.74.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed
2023-12-04	medium	80.88.88.181	Sinkholed

ThreatFox

No alerts detected

JavaScript (35)

	URL	From	Size	First Seen	Last Seen
	80.88.88.181/media/jui/js/bootstrap.min.js	ScriptElement	29 kB	2023-03-07	2025-05-09
Pretty URL 80.88.88.181/media/jui/js/bootstrap.min.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-05-09 07:28 Times Seen499 Hash 94935933a620fef61d4b0c15c664f8b3 e879415d9cdda4ae99767995f49560440025ad74 6ebe64de8e1c2f92400a03a97250c8b2f7443025d53fa42df90cb0589350c233 Loading...

	80.88.88.181/index.php	ScriptElement	2.5 kB	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash 63a3575f5b16449c7b58cf99f5782b62 0e692263d4fc311ba67361ed9fd6f387a77474ba 1545907f2d4a688d545f231c936f2435007b9d0eb3d826fd1188bc5a45d9a1d4 Loading...

	80.88.88.181/index.php	ScriptElement	584 B	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash 4b4afc395b4cbf0a9b322a50a70f7a0f 7eb06c26f7a5dd5eda48023f5b1cefe9767115f0 0cd9024541d2604464fca4111dcfe309e470bee513e68dc8c280a0008c99c35e Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/common.js	ScriptElement	261 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/common.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 01:03 Last Seen2023-12-06 19:49 Times Seen784 Hash 9b44e2e564f70b079e48e73680228d50 21cbe8228939cccbe04d618cc62592abe8168292 862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7 Loading...

	www.googletagmanager.com/gtag/js?id=UA-118888495-1	ScriptElement	192 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=UA-118888495-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 13:00 Last Seen2023-12-04 13:00 Times Seen1 Hash ff2fb3c3905a079b640359a9bbf5329a 8dedb1c3b5646cd4cc4e1c37309062617d6a8cbf 32530e982442c07078ce318a30e3dea02f25bcae5124961088cefe65b0a4c2b2 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js		1.7 kB	2023-05-05	2025-05-11
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-11 17:49 Times Seen54817 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	80.88.88.181/templates/gpsviaggi/js/xtcMenu.js	ScriptElement	5.9 kB	2023-03-10	2024-09-19
Pretty URL 80.88.88.181/templates/gpsviaggi/js/xtcMenu.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:40 Last Seen2024-09-19 20:51 Times Seen6 Hash 9a66c7e539f3276da0ae8c3a443bdc35 3e311decd58dd779eaedf3a853b25133ca41a436 fc73c34ad00bf5fc6d52a05cd41ce4c97428d9f2997df59f8d812f60a73a24a9 Loading...

	80.88.88.181/index.php	ScriptElement	317 B	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash 11fefb3039fcf3cd657334332f79d0a7 c258b573e0680a75af4b1ccde9d54c56345de899 cc1c66ddec66f4010aa5e79fc18363d0b30c2bcce8478c8c46cf731eadfe4c3e Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/map.js	ScriptElement	73 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/map.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:32 Last Seen2023-12-06 19:49 Times Seen317 Hash 243bb45c4744cbda04a2be95db1b16dd 883795e8de2b2c4ee9dabc3193e4a20639306843 8e89cf5feaf942492d02ab197eab24ecae57af44afa54c5a19f32b80e2395740 Loading...

	80.88.88.181/media/system/js/mootools-core.js	ScriptElement	84 kB	2023-03-07	2025-05-10
Pretty URL 80.88.88.181/media/system/js/mootools-core.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-10 00:40 Times Seen660 Hash dae9bedb881e4fa30a39d88aae444a0d c7b66b70133c005c8283f3e1843db92769f71d38 b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18 Loading...

	80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js	ScriptElement	100 kB	2023-03-07	2025-03-27
Pretty URL 80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:01 Last Seen2025-03-27 07:24 Times Seen29 Hash d285d14d777643369f6691899bac49d9 c8e59ec0805ebfa1d5015aaaa705cbdcb9519ce4 bc4167870364383537b76a35af54fcb3146a0a9757e1ab89571ee1a32d43ea43 Loading...

	80.88.88.181/media/jui/js/jquery.ui.core.min.js	ScriptElement	21 kB	2023-03-07	2025-05-09
Pretty URL 80.88.88.181/media/jui/js/jquery.ui.core.min.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07 Last Seen2025-05-09 07:28 Times Seen139 Hash 9356f6f9ce5aa7dd0e8a31c305839d06 7aa54ceb8525d86cfc22177156d16f3bf2853ee5 4d1feda979ec3b8a0952f18e6346cd4b51ef5bea614f328216b3bae504573bf3 Loading...

	80.88.88.181/index.php	ScriptElement	4.2 kB	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash ed9a5b964712e6c8ddf3fc7a8ade201f 5081b4bfce6d1135068857751dd9f9c3b39b42f3 9ab94cd4d7cb412c404c4a8fccc42895be7178f1313bffaf8a24569e53ddb669 Loading...

	80.88.88.181/index.php	ScriptElement	748 B	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash f6843704718fef8726563d7d499db09b 692b10ff13a0da7f9565177be354b62249422144 b6fd31a8b5ca33d6121be1686f1919400067f89ab9c97e36e36d3295b90f2585 Loading...

	maps.googleapis.com/maps/api/js?key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&callback=initMap	ScriptElement	180 kB	2023-12-04	2023-12-04
Pretty URL maps.googleapis.com/maps/api/js?key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&callback=initMap IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 13:00 Last Seen2023-12-04 13:00 Times Seen1 Hash f7ae70047aa0421001aba71c3cf79b94 4c81cecf70531cd28001760668627b962c51fba1 e4f6ac93f32f62033ebd4d60fb3a6dfd2970e5e9666daf5009f8775232a6bb3b Loading...

	80.88.88.181/index.php	ScriptElement	730 B	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash 1efd58c8e0a5c5429643a31d0ed5282c 0401110be8822b845440a57fbe0fc1135f533965 7f5505d93ed4cd4a4759f0307388a6d838f4ea767b09a1e12134245f4400298f Loading...

	80.88.88.181/index.php	ScriptElement	732 B	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash ce123c116c94dd2afa8a7f6ab7b20599 c07a5b17a818efb254dba18e2399059cfd15b178 567265628e4a75448df0cb55efa8d047ad0222005d2fb1676976410d645ed41b Loading...

	connect.facebook.net/it_IT/sdk.js#xfbml=1&version=v2.8&appId=295674717434272	ScriptElement	17 kB	2023-05-05	2025-05-11
Pretty URL connect.facebook.net/it_IT/sdk.js#xfbml=1&version=v2.8&appId=295674717434272 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-11 17:49 Times Seen54217 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/infowindow.js	ScriptElement	8.3 kB	2023-11-30	2024-08-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/infowindow.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:32 Last Seen2024-08-20 17:23 Times Seen29 Hash eacd3820804976270e367aa32789c1c1 34f4e5b647ba4581b7b4114f033a2380c1879545 3166c1a4e341e1e68f750aae16f93700891e0d22e9c3e9e58b15ed4f1c664705 Loading...

	80.88.88.181/media/jui/js/jquery.min.js	ScriptElement	97 kB	2023-03-07	2025-05-11
Pretty URL 80.88.88.181/media/jui/js/jquery.min.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 17:40 Times Seen29048 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	80.88.88.181/modules/mod_maximenuck/assets/fancymenuck.js	ScriptElement	3.0 kB	2023-03-10	2024-09-28
Pretty URL 80.88.88.181/modules/mod_maximenuck/assets/fancymenuck.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:37 Last Seen2024-09-28 08:19 Times Seen4 Hash a1248c93b4033695d9df0abc42d6fabd 73e8f773287e7280045f4d0b2b246f1cb80e894d e69c88ea418aef3b641e2b42c46ecb7dc89b3994260ba905b1132ec03ecee684 Loading...

	www.googletagmanager.com/gtag/js?id=G-1QYY60N302&l=dataLayer&cx=c	ScriptElement	223 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-1QYY60N302&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 13:00 Last Seen2023-12-04 13:00 Times Seen1 Hash 44502e9b43f5119e273c2092714a6e66 d28c9c69eddb846cb9cd53c1724bc4e03a7303b5 cbea7d7af64bb89b065bcc9a3eb2ec9d430a78c6aeab3f5cc551d5084ad60e6c Loading...

	80.88.88.181/media/jui/js/jquery-migrate.min.js	ScriptElement	10 kB	2023-03-07	2025-05-11
Pretty URL 80.88.88.181/media/jui/js/jquery-migrate.min.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 17:49 Times Seen15160 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js	ScriptElement	110 kB	2023-03-07	2025-04-28
Pretty URL 80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55 Last Seen2025-04-28 00:27 Times Seen91 Hash db62dbac48e8fc07c32fae02f5e91a48 66e85d16444a8e0da7a25a187ca5a16b0ddcff18 d6ed5c37cc4aecffbd16cf4e57b893a4ef13b76c33e4ad4f08b2c702d5cf2360 Loading...

	80.88.88.181/index.php	ScriptElement	1.3 kB	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash 3ca2e3f51e5a4bb6f81920c474441e3f fbd8acea7b195fbcee8844cb7cbe7307ca4eb45a f61db8103c501b8a1829f28fd2598f6dd8675b490983dad1b0f1f673fabccf7b Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/marker.js	ScriptElement	70 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/marker.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:40 Last Seen2023-12-06 18:06 Times Seen59 Hash 1694d91bbdd9f656d5b2762f9b149a8d 4d86abaf274d024a784786798ac73ed3e8b971f4 aac568ea11f934e6a9308fc3455b86278592d744bed6e85de144d61e4ee50dc3 Loading...

	80.88.88.181/media/jui/js/jquery-noconflict.js	ScriptElement	21 B	2023-03-07	2025-05-10
Pretty URL 80.88.88.181/media/jui/js/jquery-noconflict.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 21:06 Times Seen2371 Hash e2060c4e5e5955c824723b13a212d3ec 18420ce484978f8ba3d7371febf1638828bb7a67 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6 Loading...

	80.88.88.181/media/system/js/core.js	ScriptElement	5.7 kB	2023-03-07	2024-12-22
Pretty URL 80.88.88.181/media/system/js/core.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:49 Last Seen2024-12-22 11:00 Times Seen20 Hash a32889dc9186e95a44fe0bd73a6ff5c1 5693a611c8801b9d86c18212d0c6187bedefdaca 40ce33e05603d4dd57e70a5dd5be839b1779dbd1997bc0b84613eabca077f016 Loading...

	80.88.88.181/modules/mod_maximenuck/assets/maximenuck.js	ScriptElement	22 kB	2023-03-10	2024-08-20
Pretty URL 80.88.88.181/modules/mod_maximenuck/assets/maximenuck.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:37 Last Seen2024-08-20 16:49 Times Seen5 Hash 71f9132753c6fcb9b80f29d0d45d6bca f44134f1c2c0fb2bb92d7690e0d1bcbe48a2f79f 7d81f8e667db7a83c894a3800b1ed67c9a0f918de885bb663d9fcc58e29d19dc Loading...

	80.88.88.181/templates/gpsviaggi/js/scrollReveal.js	ScriptElement	11 kB	2023-03-07	2025-03-03
Pretty URL 80.88.88.181/templates/gpsviaggi/js/scrollReveal.js IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:13 Last Seen2025-03-03 17:35 Times Seen11 Hash e9e29ad9936ef2034f8579da63c8abfa 06e0393a735e24e1e80357fa3d4400b445536bd2 6675de979a07767dafb42d1112c6fc27890bef18816448aa81979b0fc5d8eb2a Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/util.js	ScriptElement	177 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/util.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 01:03 Last Seen2023-12-06 19:49 Times Seen783 Hash 90e04afddd95ef43014450cadb771307 84382d86cb0b94bebef21276b757402c80a49950 416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615 Loading...

	80.88.88.181/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL 80.88.88.181/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 17:49 Times Seen341970 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 17:49 Times Seen341169 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	80.88.88.181/index.php	ScriptElement	181 B	2024-08-20	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:49 Last Seen2024-08-20 16:49 Times Seen1 Hash ec32329a4e3523e05f250c87777185b3 3413817e508fd9639d94aa05afd1c5405271f1d2 b7aa0375accf83f3cd2cb52813db4832d47829721c644a304e6897991b329c32 Loading...

	80.88.88.181/index.php	ScriptElement	16 B	2023-03-12	2024-08-20
Pretty URL 80.88.88.181/index.php IP 80.88.88.181 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 20:08 Last Seen2024-08-20 16:49 Times Seen2 Hash 67eb6a7b022652d3ccc07ca5ee1d4adf fbb78c46359e5e0461c093a5a0b462711b26be79 5e213771061b571c32e8554128d441724fa9595ca8b56dfcd3d8b293d27115c4 Loading...

HTTP Transactions (68)

URL IP Response Size

80.88.88.181/index.php

80.88.88.181

200 OK

9.9 kB

URL User Request GET HTTP/1.1
80.88.88.181/index.php
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7861), with CRLF, CR, LF line terminators
Size
9.9 kB (9875 bytes)
Hash
6a4c170581b6d31aac9a19f2561c8d30
7625a3c07e7cc38dc5a9c98f35d803d75221dd53
9682410f41851fe4c26d66a8d0304e40b59f34b4258d711ee23261850efcbf49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.php HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:53 GMT
Server: Apache/2.4.10 (Debian)
Set-Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6; path=/; HttpOnly
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Encoding: gzip
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Mon, 04 Dec 2023 10:38:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

80.88.88.181/media/jui/css/bootstrap.min.css

80.88.88.181

200 OK

17 kB

URL GET HTTP/1.1
80.88.88.181/media/jui/css/bootstrap.min.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (65307)
Size
17 kB (17143 bytes)
Hash
b55f601eaa282fd2fb5373aeec9b0753
dfd6d5562fd5f995e9565042cfcbc198677a3476
8c2034182d8adb53aa9f43e93efbca41003b7ec616549aa36222173253e61342

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/css/bootstrap.min.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:34 GMT
ETag: "19f02-545f90ad87e3b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 17143
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/media/jui/css/bootstrap-extended.css

80.88.88.181

200 OK

2.2 kB

URL GET HTTP/1.1
80.88.88.181/media/jui/css/bootstrap-extended.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
2.2 kB (2201 bytes)
Hash
e46ea38e5761697137f909e5528b50ad
cb89ce484d0f4ea4069b145e24ec48178f186c40
c3b40eecf56584ab53c284f4a360588f6b095383beb20987193a34200410b034

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/css/bootstrap-extended.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:30 GMT
ETag: "23ac-545f90a9654bb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 2201
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/media/jui/css/bootstrap-responsive.min.css

80.88.88.181

200 OK

3.9 kB

URL GET HTTP/1.1
80.88.88.181/media/jui/css/bootstrap-responsive.min.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (16452)
Size
3.9 kB (3947 bytes)
Hash
9bdc6723fcb7d44cc3353a662fa33bde
cb836de0db480e4562d90e7f5453d969aed5a26c
eef7b3fb8ceb63aff0c881abf54be72d4a7de4b9f0764b0f8d642edad24c8bff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/css/bootstrap-responsive.min.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:32 GMT
ETag: "4135-545f90ab4b9fb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 3947
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=grid

80.88.88.181

200 OK

3.6 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=grid
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
assembler source, ASCII text, with very long lines (641)
Size
3.6 kB (3550 bytes)
Hash
8f4ab650dee352da5ca9f2c3bb3580ff
304c282076d34c49302517cc55778afcf1322e1e
f16f9042990f61d3334c651495a40909b708500e2adeb28866db8a3ddbe3af43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/XTC/css.php?id=48&group=grid HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 3550
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=style6

80.88.88.181

200 OK

13 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=style6
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
13 kB (13117 bytes)
Hash
d4a3a43526ccb99bb6fd9875456f72fe
2bc3f8848aa6e3698d080c9f249dbf46fa4bcce3
55968761142f46ff9f389173340b356214b6a8e50abf5261766e8337fbfdacdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/XTC/css.php?id=48&group=style6 HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 13117
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&file=default

80.88.88.181

200 OK

7.9 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&file=default
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (905)
Size
7.9 kB (7889 bytes)
Hash
7aa2261b48af50837dc725526c7ee6b4
9c5f84d9714b7b51ecd035d5233d20413584bda9
db50b9467c540bb147a25d7771aa152ee55c4bfa598ea359cbaf7d05d1a7e688

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/XTC/css.php?id=48&file=default HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 7889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=typo

80.88.88.181

200 OK

11 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=typo
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (987)
Size
11 kB (11020 bytes)
Hash
33e40083acb63082d11914884938d04b
f26ace9e5b0181bfcaef9d3ac2c92d2582e8e0ee
ec883a38590e0bf8ec97f1ab95c6e141239ebf850f7f0bac5adf978a0b764121

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/XTC/css.php?id=48&group=typo HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 11020
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

www.googletagmanager.com/gtag/js?id=UA-118888495-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-118888495-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69099 bytes)
Hash
ff2fb3c3905a079b640359a9bbf5329a
8dedb1c3b5646cd4cc4e1c37309062617d6a8cbf
32530e982442c07078ce318a30e3dea02f25bcae5124961088cefe65b0a4c2b2

HTTP Headers

GET /gtag/js?id=UA-118888495-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 11:59:45 GMT
expires: Mon, 04 Dec 2023 11:59:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

80.88.88.181/templates/system/css/system.css

80.88.88.181

200 OK

423 B

URL GET HTTP/1.1
80.88.88.181/templates/system/css/system.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
423 B (423 bytes)
Hash
9eb78ff0520e63ea7739578be4f60497
99189be2be62ad7422bb07b9bb988d7b5df5bea2
26c1eceaa632a4a9d5e7b5aecfee722c4d37eff0d4c32877673caa345db2f766

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/system/css/system.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:52:16 GMT
ETag: "380-545f94dbb2c58-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 423
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=css3effects

80.88.88.181

200 OK

3.6 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=css3effects
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
assembler source, ASCII text, with very long lines (1191)
Size
3.6 kB (3587 bytes)
Hash
cbdc7b7500f78fbeed34c65cbdc9c2de
9558c756493b3cc4a2ac6becda439c0c4dc9b69b
f01c95178e830b1b76bb21550bd9061fc56572fc56d13be0f2473c6e2c9c7ff6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/XTC/css.php?id=48&group=css3effects HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 3587
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

80.88.88.181/templates/system/css/general.css

80.88.88.181

200 OK

881 B

URL GET HTTP/1.1
80.88.88.181/templates/system/css/general.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
881 B (881 bytes)
Hash
f34a20729f44488adc6818ed225d75e9
2a4988f1a294054064b8b9957199b77c63ffa459
5a288ca7bb0ee2f1a55d7c8d0cb2b8663c31bf78939f723ab0052a582e2285a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/system/css/general.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:52:16 GMT
ETag: "aaa-545f94db63ab8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 881
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

maps.googleapis.com/maps/api/js?key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&callback=initMap

142.250.74.170

200 OK

62 kB

URL GET HTTP/2
maps.googleapis.com/maps/api/js?key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&callback=initMap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2487)
Size
62 kB (61493 bytes)
Hash
f7ae70047aa0421001aba71c3cf79b94
4c81cecf70531cd28001760668627b962c51fba1
e4f6ac93f32f62033ebd4d60fb3a6dfd2970e5e9666daf5009f8775232a6bb3b

HTTP Headers

GET /maps/api/js?key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&callback=initMap HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Language, Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 04 Dec 2023 11:59:45 GMT
server: scaffolding on HTTPServer2
content-length: 61493
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/dynamic-captions.css

80.88.88.181

200 OK

322 B

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/dynamic-captions.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (1026)
Size
322 B (322 bytes)
Hash
43c2ded9db56225c127dfd81f7433bb7
acd081e06239c32a19063146fb3db4fd14071415
95d18c994ae1c235d2b0549f95f06322029b1686f468224cf4a583073cfde8b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/css/dynamic-captions.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:19 GMT
ETag: "7e5-545f91845bfb4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 322
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/settings.css

80.88.88.181

200 OK

9.1 kB

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
Unicode text, UTF-8 text, with very long lines (374)
Size
9.1 kB (9141 bytes)
Hash
ba44ae3ec7faa72c3de109cc7a839870
840b0385332192e3dd93580dc2946c824537faa1
2217ac02bd86aee02692ee45f7af3b038fdb7b37869a8ad0aa43623b3459db64

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/css/settings.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:20 GMT
ETag: "d822-545f918505e74-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 9141
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&file=template

80.88.88.181

200 OK

200 B

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&file=template
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
200 B (200 bytes)
Hash
f24efac1b78d3f2237712ecdbbc35a4e
5ad98e7881928358297e92f0c2750e43e409f85f
0a61add0e27e8ab90f1c546549d3f6ca9c84d000442ad55c1213fd5b4eee4388

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/XTC/css.php?id=48&file=template HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 200
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/static-captions.css

80.88.88.181

200 OK

138 B

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/static-captions.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
138 B (138 bytes)
Hash
646f16060c0c13a8333c06ade5890a3d
9f3520989557c5839df73bb662927942e0807842
b9c0dfe4a8de889f58f88caf28cc2c111d4d336be91107c827641afc3c23a69e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/css/static-captions.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:20 GMT
ETag: "1cd-545f91848bd54-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 138
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/modules/mod_maximenuck/assets/maximenuresponsiveck.css

80.88.88.181

200 OK

552 B

URL GET HTTP/1.1
80.88.88.181/modules/mod_maximenuck/assets/maximenuresponsiveck.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
552 B (552 bytes)
Hash
21338f44707c67487aa46be5bc75bf48
497324e6978bd90873d8e77c95d60e39eb2578d2
1d0a7c57d01850e22dd6cd2a33aed6a3c61608458ee35da71089a9e6516ba82c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_maximenuck/assets/maximenuresponsiveck.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:41:46 GMT
ETag: "d5e-545f928272dab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 552
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/modules/mod_maximenuck/themes/css3megamenu_giusto/css/maximenuck.php?monid=maximenuck923

80.88.88.181

200 OK

3.4 kB

URL GET HTTP/1.1
80.88.88.181/modules/mod_maximenuck/themes/css3megamenu_giusto/css/maximenuck.php?monid=maximenuck923
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (471)
Size
3.4 kB (3414 bytes)
Hash
c82ca635fc071c74335fbfb0ee782f95
25f84ee2c4fa26d5dbf9ca6501666a99d91bc2a0
9e4e0d65b37ba38e8557664ffdc140fc8ebf167e7c5105aef030809e88e82510

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_maximenuck/themes/css3megamenu_giusto/css/maximenuck.php?monid=maximenuck923 HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 3414
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

80.88.88.181/media/jui/js/jquery-noconflict.js

80.88.88.181

200 OK

21 B

URL GET HTTP/1.1
80.88.88.181/media/jui/js/jquery-noconflict.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
21 B (21 bytes)
Hash
e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-noconflict.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:46 GMT
ETag: "15-545f90b8c6cba"
Accept-Ranges: bytes
Content-Length: 21
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/jui/js/jquery-migrate.min.js

80.88.88.181

200 OK

4.0 kB

URL GET HTTP/1.1
80.88.88.181/media/jui/js/jquery-migrate.min.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (9959)
Size
4.0 kB (4014 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-migrate.min.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:46 GMT
ETag: "2748-545f90b89403a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 4014
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/system/js/core.js

80.88.88.181

200 OK

2.4 kB

URL GET HTTP/1.1
80.88.88.181/media/system/js/core.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
Unicode text, UTF-8 text, with very long lines (5674)
Size
2.4 kB (2391 bytes)
Hash
a32889dc9186e95a44fe0bd73a6ff5c1
5693a611c8801b9d86c18212d0c6187bedefdaca
40ce33e05603d4dd57e70a5dd5be839b1779dbd1997bc0b84613eabca077f016

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/core.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:35:33 GMT
ETag: "1630-545f911f078d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 2391
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/jui/js/bootstrap.min.js

80.88.88.181

200 OK

7.7 kB

URL GET HTTP/1.1
80.88.88.181/media/jui/js/bootstrap.min.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (29002)
Size
7.7 kB (7701 bytes)
Hash
94935933a620fef61d4b0c15c664f8b3
e879415d9cdda4ae99767995f49560440025ad74
6ebe64de8e1c2f92400a03a97250c8b2f7443025d53fa42df90cb0589350c233

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/bootstrap.min.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:44 GMT
ETag: "71e4-545f90b6944ba-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 7701
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/templates/gpsviaggi/js/xtcMenu.js

80.88.88.181

200 OK

1.8 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/js/xtcMenu.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
1.8 kB (1833 bytes)
Hash
9a66c7e539f3276da0ae8c3a443bdc35
3e311decd58dd779eaedf3a853b25133ca41a436
fc73c34ad00bf5fc6d52a05cd41ce4c97428d9f2997df59f8d812f60a73a24a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/js/xtcMenu.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:52:01 GMT
ETag: "16f6-545f94cd68918-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 1833
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/jui/js/jquery.min.js

80.88.88.181

200 OK

34 kB

URL GET HTTP/1.1
80.88.88.181/media/jui/js/jquery.min.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (32077)
Size
34 kB (33760 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery.min.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:49 GMT
ETag: "17b8b-545f90bb512fa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 33760
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js

80.88.88.181

200 OK

34 kB

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (25616)
Size
34 kB (34312 bytes)
Hash
d285d14d777643369f6691899bac49d9
c8e59ec0805ebfa1d5015aaaa705cbdcb9519ce4
bc4167870364383537b76a35af54fcb3146a0a9757e1ab89571ee1a32d43ea43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:32 GMT
ETag: "187f8-545f919060273-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 34312
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/system/js/mootools-core.js

80.88.88.181

200 OK

27 kB

URL GET HTTP/1.1
80.88.88.181/media/system/js/mootools-core.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (785)
Size
27 kB (26915 bytes)
Hash
dae9bedb881e4fa30a39d88aae444a0d
c7b66b70133c005c8283f3e1843db92769f71d38
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/mootools-core.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:35:38 GMT
ETag: "147b5-545f91234b597-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 26915
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/jui/js/jquery.ui.core.min.js

80.88.88.181

200 OK

7.6 kB

URL GET HTTP/1.1
80.88.88.181/media/jui/js/jquery.ui.core.min.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (20988)
Size
7.6 kB (7580 bytes)
Hash
9356f6f9ce5aa7dd0e8a31c305839d06
7aa54ceb8525d86cfc22177156d16f3bf2853ee5
4d1feda979ec3b8a0952f18e6346cd4b51ef5bea614f328216b3bae504573bf3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery.ui.core.min.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:33:52 GMT
ETag: "52de-545f90be9ee3a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 7580
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/modules/mod_maximenuck/assets/maximenuck.js

80.88.88.181

200 OK

3.7 kB

URL GET HTTP/1.1
80.88.88.181/modules/mod_maximenuck/assets/maximenuck.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
3.7 kB (3743 bytes)
Hash
71f9132753c6fcb9b80f29d0d45d6bca
f44134f1c2c0fb2bb92d7690e0d1bcbe48a2f79f
7d81f8e667db7a83c894a3800b1ed67c9a0f918de885bb663d9fcc58e29d19dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_maximenuck/assets/maximenuck.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:41:46 GMT
ETag: "56ec-545f92826a10b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 3743
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/modules/mod_maximenuck/assets/fancymenuck.js

80.88.88.181

200 OK

976 B

URL GET HTTP/1.1
80.88.88.181/modules/mod_maximenuck/assets/fancymenuck.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
976 B (976 bytes)
Hash
a1248c93b4033695d9df0abc42d6fabd
73e8f773287e7280045f4d0b2b246f1cb80e894d
e69c88ea418aef3b641e2b42c46ecb7dc89b3994260ba905b1132ec03ecee684

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_maximenuck/assets/fancymenuck.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:41:43 GMT
ETag: "bc9-545f927ff528c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 976
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/templates/gpsviaggi/js/scrollReveal.js

80.88.88.181

200 OK

2.9 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/js/scrollReveal.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
Unicode text, UTF-8 text
Size
2.9 kB (2854 bytes)
Hash
e9e29ad9936ef2034f8579da63c8abfa
06e0393a735e24e1e80357fa3d4400b445536bd2
6675de979a07767dafb42d1112c6fc27890bef18816448aa81979b0fc5d8eb2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/js/scrollReveal.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:52:01 GMT
ETag: "2a06-545f94cd65a38-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 2854
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/media/system/css/system.css

80.88.88.181

200 OK

549 B

URL GET HTTP/1.1
80.88.88.181/media/system/css/system.css
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text
Size
549 B (549 bytes)
Hash
d25b04064b7ac983eefa2d773fd9190e
42340717cd318ffab5b976925ace2b79717a3110
34da244d1787618ff1a567a56567d61225178645a38e0223cd792a2e55d174db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/css/system.css HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/templates/system/css/system.css
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:35:27 GMT
ETag: "5a6-545f91198f297-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 549
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js

80.88.88.181

200 OK

26 kB

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
ASCII text, with very long lines (32684)
Size
26 kB (26514 bytes)
Hash
db62dbac48e8fc07c32fae02f5e91a48
66e85d16444a8e0da7a25a187ca5a16b0ddcff18
d6ed5c37cc4aecffbd16cf4e57b893a4ef13b76c33e4ad4f08b2c702d5cf2360

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:26 GMT
ETag: "1aef2-545f918a85214-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=315360000
Expires: Thu, 01 Dec 2033 10:38:54 GMT
Content-Length: 26514
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

80.88.88.181/images/prenota-prima_rosso.svg

80.88.88.181

200 OK

925 B

URL GET HTTP/1.1
80.88.88.181/images/prenota-prima_rosso.svg
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
925 B (925 bytes)
Hash
7e6ce57b595a4fb7571c7edcf326251b
4dd1c24f537c867be5f19d7e43a79a8e7ca8637b
e0aae9614478ca5c7fe0fdc8d50f14b511a4c82b02f261846180e955621c6336

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/prenota-prima_rosso.svg HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:01:42 GMT
ETag: "6bc-545f898df4f16-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 925
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml

80.88.88.181/images/regala_rosso.svg

80.88.88.181

200 OK

1.1 kB

URL GET HTTP/1.1
80.88.88.181/images/regala_rosso.svg
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1071 bytes)
Hash
d37337ff883c1dcc578853be647794fa
bb466147b00b51131ccbe599f212bc03c4403625
d972779a1daf9e856b23bd004a5cd9a347d232c507b3bff7ecbb46beaf1bbc7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/regala_rosso.svg HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:01:57 GMT
ETag: "802-545f899bcbe96-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1071
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml

80.88.88.181/images/freccia-down.png

80.88.88.181

200 OK

1.4 kB

URL GET HTTP/1.1
80.88.88.181/images/freccia-down.png
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
PNG image data, 40 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1445 bytes)
Hash
9236168737df0729744d0b41254870bb
19fca636e409f4103f7e608c2049f9c52b1d2d74
52c683de4b585f69b5f756cd55198b087d5f8301d70bd8f1ca5e27613da82a7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/freccia-down.png HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 22:01:18 GMT
ETag: "5a5-54600f935ea19"
Accept-Ranges: bytes
Content-Length: 1445
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:54 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

80.88.88.181/images/flogo-lg.png

80.88.88.181

200 OK

18 kB

URL GET HTTP/1.1
80.88.88.181/images/flogo-lg.png
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
PNG image data, 600 x 167, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18389 bytes)
Hash
f93accb54c6813b489b4b5b9c353a502
31cb21c3b967f5aa33fd0ce3a296982cff628a35
92cccecc55a5a99759fc43b25de4c3d7ebb388328d06bdb334cdcbd9bcf95df5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flogo-lg.png HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:00:35 GMT
ETag: "47d5-545f894e6c4b8"
Accept-Ranges: bytes
Content-Length: 18389
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:54 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

80.88.88.181/images/newsletter_rosso.svg

80.88.88.181

200 OK

896 B

URL GET HTTP/1.1
80.88.88.181/images/newsletter_rosso.svg
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
896 B (896 bytes)
Hash
b9cb14fae8fbc995120d85ed5588d8ba
29891b579c5ee481db86986b5bd7908b83d8b511
d5bf67d0317945c8bac7fb0e1c1485ee265b011be76d8fd3a9087013ee576f43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/newsletter_rosso.svg HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:01:30 GMT
ETag: "61a-545f8982bbe57-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 896
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml

80.88.88.181/images/logo-gps-viaggi_trasparente.png

80.88.88.181

200 OK

24 kB

URL GET HTTP/1.1
80.88.88.181/images/logo-gps-viaggi_trasparente.png
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
PNG image data, 250 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23595 bytes)
Hash
ee92967f2c7eb955507b19bcdb9af6a1
0148758f108e1657f07291ad1434f31558444e5c
9f87f6cc4c6cfe08e2b91353d65c93a413e1e91a36e106dd197ddaabb1b02b1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo-gps-viaggi_trasparente.png HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=style6
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:01:15 GMT
ETag: "5c2b-545f897485397"
Accept-Ranges: bytes
Content-Length: 23595
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:54 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

80.88.88.181/templates/gpsviaggi/images/backgrounds/

80.88.88.181

200 OK

26 B

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/images/backgrounds/
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
HTML document, ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
b256d97fbb697428b7a1286ea33539c0
7e4e54e0434406746420141881f419ac165d3edc
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/images/backgrounds/ HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=style6
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:59:17 GMT
ETag: "1a-545f966cc1aab"
Accept-Ranges: bytes
Content-Length: 26
Cache-Control: max-age=1
Expires: Mon, 04 Dec 2023 10:38:56 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html

80.88.88.181/templates/gpsviaggi/fonts/montserrat/montserrat-light-webfont.woff2

80.88.88.181

200 OK

19 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/fonts/montserrat/montserrat-light-webfont.woff2
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
Web Open Font Format (Version 2), TrueType, length 18740, version 1.0\012- data
Size
19 kB (18740 bytes)
Hash
0837036935d80db236b37ec640adab25
21b3ece9d73ae9d29bacc0fa62c65349be846a6d
0e83ac9f934b7e2cc1b6516fb811d84220ce0e2b6c9a48251c882d219a200e69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/fonts/montserrat/montserrat-light-webfont.woff2 HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=grid
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:57:43 GMT
ETag: "4934-545f96133bb2e"
Accept-Ranges: bytes
Content-Length: 18740
Cache-Control: max-age=1209600
Expires: Mon, 18 Dec 2023 10:38:55 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive

maps.googleapis.com/maps-api-v3/api/js/55/3/common.js

142.250.74.170

200 OK

57 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/common.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (5883)
Size
57 kB (57129 bytes)
Hash
9b44e2e564f70b079e48e73680228d50
21cbe8228939cccbe04d618cc62592abe8168292
862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7

HTTP Headers

GET /maps-api-v3/api/js/55/3/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:26 GMT
expires: Thu, 28 Nov 2024 21:34:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 397520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/util.js

142.250.74.170

200 OK

55 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/util.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (562)
Size
55 kB (55134 bytes)
Hash
90e04afddd95ef43014450cadb771307
84382d86cb0b94bebef21276b757402c80a49950
416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615

HTTP Headers

GET /maps-api-v3/api/js/55/3/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 55134
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:26 GMT
expires: Thu, 28 Nov 2024 21:34:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 397520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

80.88.88.181/images/slideshow/slide01.jpg

80.88.88.181

200 OK

298 kB

URL GET HTTP/1.1
80.88.88.181/images/slideshow/slide01.jpg
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 2560x980, components 3\012- data
Size
298 kB (297601 bytes)
Hash
9cd93a3ad7858bc507bc6c7018a931bc
616c4dff7ef0306b5fe159c2a70d35fa8b2daed0
a8dfe42a37690541bdda1e3097571d3136063a742cc5ead9e8f2501a965a4138

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slideshow/slide01.jpg HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:03:17 GMT
ETag: "48a81-545f89e8308d3"
Accept-Ranges: bytes
Content-Length: 297601
Cache-Control: max-age=1209600
Expires: Mon, 18 Dec 2023 10:38:54 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

80.88.88.181/templates/gpsviaggi/fonts/fontawesome/fontawesome-webfont.woff2

80.88.88.181

200 OK

72 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/fonts/fontawesome/fontawesome-webfont.woff2
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/fonts/fontawesome/fontawesome-webfont.woff2 HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=grid
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:57:26 GMT
ETag: "118d8-545f960315e8e"
Accept-Ranges: bytes
Content-Length: 71896
Cache-Control: max-age=1209600
Expires: Mon, 18 Dec 2023 10:38:55 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive

80.88.88.181/templates/gpsviaggi/fonts/montserrat/montserrat-regular-webfont.woff2

80.88.88.181

200 OK

19 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/fonts/montserrat/montserrat-regular-webfont.woff2
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
Web Open Font Format (Version 2), TrueType, length 18812, version 2.66\012- data
Size
19 kB (18812 bytes)
Hash
038141ff5a9582d4e9a18338d3a94feb
0976b8c93f4559e65fca991b71d82d8acc90fdb0
d24084603d92f401bf4b3a781e2da4d0a3fbd2a2f82934ac734f78542eb5aa5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/fonts/montserrat/montserrat-regular-webfont.woff2 HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=grid
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:57:45 GMT
ETag: "497c-545f96154146e"
Accept-Ranges: bytes
Content-Length: 18812
Cache-Control: max-age=1209600
Expires: Mon, 18 Dec 2023 10:38:55 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive

maps.googleapis.com/maps-api-v3/api/js/55/3/map.js

142.250.74.170

200 OK

24 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/map.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2376)
Size
24 kB (23678 bytes)
Hash
243bb45c4744cbda04a2be95db1b16dd
883795e8de2b2c4ee9dabc3193e4a20639306843
8e89cf5feaf942492d02ab197eab24ecae57af44afa54c5a19f32b80e2395740

HTTP Headers

GET /maps-api-v3/api/js/55/3/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 23678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:31 GMT
expires: Thu, 28 Nov 2024 21:34:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 397515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

80.88.88.181/images/slideshow/sfondo-02.jpg

80.88.88.181

200 OK

530 kB

URL GET HTTP/1.1
80.88.88.181/images/slideshow/sfondo-02.jpg
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x980, components 3\012- data
Size
530 kB (530350 bytes)
Hash
7ab6f5d5d96fe8836fad23ffff3c60cd
ce812aa599c913ab94cbae84096b22353c5235e7
ec1e06e021f6021b31fe40b2956787d2805851ffc1410a5d098d7203a0d5195f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slideshow/sfondo-02.jpg HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:54 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Tue, 17 Jan 2017 17:30:38 GMT
ETag: "817ae-5464da894bd66"
Accept-Ranges: bytes
Content-Length: 530350
Cache-Control: max-age=1209600
Expires: Mon, 18 Dec 2023 10:38:54 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

maps.googleapis.com/maps-api-v3/api/js/55/3/marker.js

142.250.74.170

200 OK

22 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/marker.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1456)
Size
22 kB (21866 bytes)
Hash
1694d91bbdd9f656d5b2762f9b149a8d
4d86abaf274d024a784786798ac73ed3e8b971f4
aac568ea11f934e6a9308fc3455b86278592d744bed6e85de144d61e4ee50dc3

HTTP Headers

GET /maps-api-v3/api/js/55/3/marker.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 21866
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:31 GMT
expires: Thu, 28 Nov 2024 21:34:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 397515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

80.88.88.181/templates/gpsviaggi/fonts/Fira/firasans-book-webfont.woff

80.88.88.181

200 OK

137 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/fonts/Fira/firasans-book-webfont.woff
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
Web Open Font Format, TrueType, length 136772, version 1.0\012- data
Size
137 kB (136772 bytes)
Hash
7b8fde64a35e07b3404c395558919c9a
b7782c81af61c54c5c7140bbbac17885eeecc23e
b62e4c85551b883ceef92d776219bff77fd8282ad468040f6354617bd5b575e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/fonts/Fira/firasans-book-webfont.woff HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/templates/gpsviaggi/XTC/css.php?id=48&group=typo
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:56:44 GMT
ETag: "21644-545f95daa55f0"
Accept-Ranges: bytes
Content-Length: 136772
Cache-Control: max-age=1209600
Expires: Mon, 18 Dec 2023 10:38:55 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/font-woff

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/assets/loader.gif

80.88.88.181

200 OK

2.5 kB

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/assets/loader.gif
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
GIF image data, version 89a, 24 x 24\012- data
Size
2.5 kB (2545 bytes)
Hash
4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/assets/loader.gif HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:17 GMT
ETag: "9f1-545f91824ca34"
Accept-Ranges: bytes
Content-Length: 2545
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:55 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/assets/large_left.png

80.88.88.181

200 OK

1.5 kB

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/assets/large_left.png
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
PNG image data, 40 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1517 bytes)
Hash
c7d7eee3ae27c6eea078e5b6c30c8763
a4a4243c5c653a7024d7626911f849a954e8aba8
1e93f3215066083474d73115bbef66b052e2add1e20a5670fbbe509e3679b27a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/assets/large_left.png HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:17 GMT
ETag: "5ed-545f9182239f4"
Accept-Ranges: bytes
Content-Length: 1517
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:55 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/assets/large_right.png

80.88.88.181

200 OK

1.6 kB

URL GET HTTP/1.1
80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/assets/large_right.png
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
PNG image data, 40 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1561 bytes)
Hash
21c9f3380e28a14fe7461d3c6ef29f64
b2078ea4889800ef9da8649c11882a6ddc54a169
e043930c7420af53e0685050b8c1b149bb5b012b3449a02d69d1f399a4862834

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/com_uniterevolution2/assets/rs-plugin/assets/large_right.png HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:37:17 GMT
ETag: "619-545f918241e54"
Accept-Ranges: bytes
Content-Length: 1561
Cache-Control: max-age=31536000
Expires: Tue, 03 Dec 2024 10:38:55 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi

80.88.88.181

301 Moved Permanently

200 B

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
200 B (200 bytes)
Hash
fac56adf1dddba3b658dc91e4a5053e4
56fed0b51879a77b26166dea2488d9a050a0d1b2
a04a260b8193b7482eaf75dc55530abcdd74360fa0a806f8f8d6d91840fb94ca

HTTP Headers

GET /gpsviaggi/gpsviaggi HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Location: http://www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/
Content-Language: it-IT
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 200

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/827/Transiberiana-Italia-1.jpg

80.88.88.181

200 OK

87 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/827/Transiberiana-Italia-1.jpg
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=500, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], baseline, precision 8, 960x500, components 3\012- data
Size
87 kB (87386 bytes)
Hash
21ca125d9861a30016de302611372c3f
9b53fa3667195b4188de913027c51ccdaa330141
7225b2f7c5671c706243bf3859e7a76e2eb574e815e73b5c9ac4540754f9f86a

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/827/Transiberiana-Italia-1.jpg HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"87386-1579251012000"
Last-Modified: Fri, 17 Jan 2020 08:50:12 GMT
Content-Type: image/jpeg
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 87386

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/734/Manarola-Presepe-1.jpg

80.88.88.181

200 OK

76 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/734/Manarola-Presepe-1.jpg
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=500, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], baseline, precision 8, 960x500, components 3\012- data
Size
76 kB (75968 bytes)
Hash
8604195bf519fe33ccbbb20545876929
cf45b33d1850a713c8870e03275a85dab956ea00
1bea5dd8017dc1ff7c1b765573897249c80634c68da3af8ba96a277c8b6f5600

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/734/Manarola-Presepe-1.jpg HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"75968-1579018379000"
Last-Modified: Tue, 14 Jan 2020 16:12:59 GMT
Content-Type: image/jpeg
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 75968

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/544/Presepi-Napoletani-1.jpg

80.88.88.181

200 OK

186 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/544/Presepi-Napoletani-1.jpg
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 960x500, components 3\012- data
Size
186 kB (186259 bytes)
Hash
58934a687b6b9115d7f33b01810d376c
50e4d12636dd36d1e9771a387fd6e70dd6379126
208901e501ab6eadac3846b7e9889a519254ce41531d867ac32be3138848a5ea

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/544/Presepi-Napoletani-1.jpg HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"186259-1635241747000"
Last-Modified: Tue, 26 Oct 2021 09:49:07 GMT
Content-Type: image/jpeg
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 186259

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/

80.88.88.181

404 Not Found

1.1 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1082), with no line terminators
Size
1.1 kB (1082 bytes)
Hash
f64c1221c4aaaf0396e2bcf3b63a7313
e552d461a805cbefb79aec797f50d9727234db4a
7dd820828727c78314cb43a31ecc30b40f230f3afea35b7352bbd4f9d6b92315

HTTP Headers

GET /gpsviaggi/gpsviaggi/ HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://80.88.88.181/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Content-Language: 
Content-Type: text/html
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 1082

maps.googleapis.com/maps-api-v3/api/js/55/3/infowindow.js

142.250.74.170

200 OK

2.8 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/infowindow.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (937)
Size
2.8 kB (2769 bytes)
Hash
eacd3820804976270e367aa32789c1c1
34f4e5b647ba4581b7b4114f033a2380c1879545
3166c1a4e341e1e68f750aae16f93700891e0d22e9c3e9e58b15ed4f1c664705

HTTP Headers

GET /maps-api-v3/api/js/55/3/infowindow.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 2769
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:35:50 GMT
expires: Thu, 28 Nov 2024 21:35:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 397436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/546/Matera-1.jpg

80.88.88.181

200 OK

218 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/546/Matera-1.jpg
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, manufacturer=NIKON CORPORATION, model=NIKON D7100], baseline, precision 8, 960x500, components 3\012- data
Size
218 kB (218344 bytes)
Hash
23f9359f683911f817d4164ba6d06a6d
f54091634aceeb3ebeac8da8474bab853c65d712
8e844b3d385f8db591645d61fde1da51dce4812bc19f14a6193bda5be273a084

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/546/Matera-1.jpg HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"218344-1602235598000"
Last-Modified: Fri, 09 Oct 2020 09:26:38 GMT
Content-Type: image/jpeg
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 218344

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/1118/Muses%203.jpg

80.88.88.181

200 OK

109 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/1118/Muses%203.jpg
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2], baseline, precision 8, 960x500, components 3\012- data
Size
109 kB (109280 bytes)
Hash
c2643b5a29a75e5297a5fe2d03a4fe34
53dfbd6899779846ed2f06c18f7274c746dce4a5
2964436d39e0d3ed5cd104bd98a417cec9e2c3701a502d34dbdf29b11e90af22

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/1118/Muses%203.jpg HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"109280-1700734281000"
Last-Modified: Thu, 23 Nov 2023 10:11:21 GMT
Content-Type: image/jpeg
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 109280

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/543/Spilimbergo-1.jpg

80.88.88.181

200 OK

240 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/543/Spilimbergo-1.jpg
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=samsung, model=SM-G950F, orientation=upper-left, xresolution=164, yresolution=172, resolutionunit=2, software=G950FXXU9DTF1, datetime=2020:08:22 16:58:56, GPS-Data], baseline, precision 8, 960x500, components 3\012- data
Size
240 kB (240415 bytes)
Hash
b5c10d8e669c50d2e3af5fb886126314
384cb192f9fa41e96665314b950e60a96f6ce2b3
26c1fc6fee4969a0b80e0fb48f64507d4d08e4bfb2059bb0c85c227142327b97

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/543/Spilimbergo-1.jpg HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"240415-1602231206000"
Last-Modified: Fri, 09 Oct 2020 08:13:26 GMT
Content-Type: image/jpeg
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 240415

www.googletagmanager.com/gtag/js?id=G-1QYY60N302&l=dataLayer&cx=c

142.250.74.168

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-1QYY60N302&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
79 kB (79416 bytes)
Hash
44502e9b43f5119e273c2092714a6e66
d28c9c69eddb846cb9cd53c1724bc4e03a7303b5
cbea7d7af64bb89b065bcc9a3eb2ec9d430a78c6aeab3f5cc551d5084ad60e6c

HTTP Headers

GET /gtag/js?id=G-1QYY60N302&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 11:59:46 GMT
expires: Mon, 04 Dec 2023 11:59:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79416
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/506/Trenino-Rosso-del-Bernina-1.jpg

80.88.88.181

200 OK

217 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/506/Trenino-Rosso-del-Bernina-1.jpg
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=500, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], baseline, precision 8, 960x500, components 3\012- data
Size
217 kB (216737 bytes)
Hash
bcabfa38f79cf47199e947a368bb09d1
a1bbd5fe5481938fb935f6d11efb4ff15e805aba
b31fc8bb3b35074277f199a615b3d9dca51885d55d1edb69877811cccde9aca6

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/506/Trenino-Rosso-del-Bernina-1.jpg HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"216737-1547123773000"
Last-Modified: Thu, 10 Jan 2019 12:36:13 GMT
Content-Type: image/jpeg
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 216737

maps.gstatic.com/mapfiles/api-3/images/icon_error.png

142.250.74.3

200 OK

450 B

URL GET HTTP/2
maps.gstatic.com/mapfiles/api-3/images/icon_error.png
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
450 B (450 bytes)
Hash
8a3a1cfb57bacb095ceaa46f87c13dea
2054fb1471a33e55a2ffdec29dd3dfe63508de15
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4

HTTP Headers

GET /mapfiles/api-3/images/icon_error.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 450
date: Mon, 04 Dec 2023 11:59:46 GMT
expires: Mon, 04 Dec 2023 11:59:46 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

80.88.88.181/templates/gpsviaggi/favicon.ico

80.88.88.181

200 OK

6.6 kB

URL GET HTTP/1.1
80.88.88.181/templates/gpsviaggi/favicon.ico
IP
80.88.88.181:80
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
MS Windows icon resource - 1 icon, 55x60, 32 bits/pixel\012- data
Size
6.6 kB (6573 bytes)
Hash
ef392fb0f3a16039e3a2041acf8e7ba1
f336bba2366bffc8813606f1c7e7f0cfe7364d2c
457b2f7af2577b945691e7462e8dafc806290c71ee92049f670b17ef841bc950

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/gpsviaggi/favicon.ico HTTP/1.1
Host: 80.88.88.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/index.php
Cookie: 7dd87b45acda661828a3d449066dcc52=5u7lfj7bd33m97d52f9tnap3h6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 10:38:55 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Fri, 13 Jan 2017 12:50:38 GMT
ETag: "35ae-545f947da2b1b-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Mon, 18 Dec 2023 10:38:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6573
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i17487307&2i12059975&2e1&3u17&4m2&1u270&2u254&5m5&1e0&5sen-US&6sus&10b1&12b1&key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&token=97692

142.250.74.170

200 OK

18 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i17487307&2i12059975&2e1&3u17&4m2&1u270&2u254&5m5&1e0&5sen-US&6sus&10b1&12b1&key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&token=97692
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://80.88.88.181/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 270 x 254, 8-bit colormap, non-interlaced\012- data
Size
18 kB (17532 bytes)
Hash
0863f9da059196d5b710406b97a6b83c
aee6e80f3f73e86c3543a866711a0ef666e1bf71
108ce031325320b0871919e20383f6aa010805b9196ff58a708da84b248936f5

HTTP Headers

GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i17487307&2i12059975&2e1&3u17&4m2&1u270&2u254&5m5&1e0&5sen-US&6sus&10b1&12b1&key=AIzaSyC-1yOl0Hx1BPsQ9TR6KeX8hVgES5AJW8E&token=97692 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
date: Mon, 04 Dec 2023 11:59:46 GMT
expires: Tue, 05 Dec 2023 11:59:46 GMT
cache-control: public, max-age=86400
server: scaffolding on HTTPServer2
content-length: 17532
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/926/Avvento-1.png

80.88.88.181

200 OK

784 kB

URL GET HTTP/1.1
www.gpsviaggi.com:8888/gpsviaggi/gpsviaggi/packages_photos/926/Avvento-1.png
IP
80.88.88.181:8888
ASN
#31034 Aruba S.p.A.

Requested by
http://80.88.88.181/index.php

File type
PNG image data, 960 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
784 kB (784515 bytes)
Hash
bf3a4ad0eafb86d731b12484694ef09f
8b5197fd2e12f9ea1ecab8650636c4452fdc4073
c7ccb99ab4bbe407463cb0db6a46bff25f9a0a100068b9faa454772cdaed3598

HTTP Headers

GET /gpsviaggi/gpsviaggi/packages_photos/926/Avvento-1.png HTTP/1.1
Host: www.gpsviaggi.com:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://80.88.88.181/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  4.0  Java/Oracle Corporation/1.8)
Server: GlassFish Server Open Source Edition  4.0
Accept-Ranges: bytes
ETag: W/"784515-1634909484000"
Last-Modified: Fri, 22 Oct 2021 13:31:24 GMT
Content-Type: image/png
Date: Mon, 04 Dec 2023 10:38:55 GMT
Content-Length: 784515

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by