hstgroup.it/
301 Moved Permanently 228 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 32466f6f51f9b5400dc010ec2aa52687
9553d7ff1ddab2fc9e665f63460a5e806adc367a
a032bdb24961a5b8effe986ba0b7dcf5f6e35dfd3abac409746df897d5320345
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 14 Sep 2022 17:31:40 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 228
Connection: keep-alive
Location: https://hstgroup.it/
X-Cache-Status: MISS
X-Powered-By: PleskLin
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5140
Expires: Wed, 14 Sep 2022 18:57:20 GMT
Date: Wed, 14 Sep 2022 17:31:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 17:09:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g8PqnlhbXeTv0Sx4WmvgdEQmtGeUsoiROiwde-tNeBYcbp956IZirA==
Age: 1322
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rb-D-i4Yn-09NnomuYgRGWypToUbbIZdl-s7IgYUQnEhYauY3WZF6A==
age: 46585
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1cf17a7ef6d88c116489d672147b36bc
11792b6edca938c27ada8fa0c5686cb64976cca3
e92a640f242198ac3eadf72a17c66c553f2410f6cdf02e820d21c9b69bf422ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E92A640F242198AC3EADF72A17C66C553F2410F6CDF02E820D21C9B69BF422CE"
Last-Modified: Wed, 14 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Wed, 14 Sep 2022 23:31:40 GMT
Date: Wed, 14 Sep 2022 17:31:41 GMT
Connection: keep-alive
cdn.iubenda.com/cs/iubenda_cs.js
200 OK 429 B URL HTTP/2 cdn.iubenda.com/cs/iubenda_cs.js
IP
File type ASCII text, with very long lines (596)
Hash e37fc6b7527175ad298d9f519fea73a3
75e6f2e01c323fb50a402116a1ea4e28d0e279ca
03638f80c7bfb310dc126bad5567348c01b218b741d3e6e8c95916ec75bbe57c
GET /cs/iubenda_cs.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: application/javascript
etag: "631ae48f-1ad"
last-modified: Fri, 09 Sep 2022 07:00:31 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 429
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
expires: Wed, 14 Sep 2022 20:31:41 GMT
date: Wed, 14 Sep 2022 17:31:41 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.iubenda.com/cs/ccpa/stub.js
200 OK 1.5 kB URL HTTP/2 cdn.iubenda.com/cs/ccpa/stub.js
IP
File type ASCII text, with very long lines (4106), with no line terminators
Hash 91b6124cb2a3ad299202f19c85f860e8
193cc7f0c63d238adaa60e9a9f13834151a070e6
31a447a17b035b7ed13a5a0f706276fc6200f3032b264e0bc9e79a8a64fa3ef1
GET /cs/ccpa/stub.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: br
content-type: application/javascript
etag: "631ae48f-5f7"
last-modified: Fri, 09 Sep 2022 07:00:31 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 1527
cache-control: public, must-revalidate, proxy-revalidate, max-age=86400
expires: Thu, 15 Sep 2022 17:31:41 GMT
date: Wed, 14 Sep 2022 17:31:41 GMT
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js
200 OK 31 kB URL HTTP/2 consent.cookiebot.com/uc.js
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash bfd5d0da3a9fa6771af0a51a693752ba
89714adfe7ccb0273694a820f1987ea9a64fdac8
25aef9f0356f966fa85489dc0252fc78179bf3900a654f0a2d521a651df1cd4a
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 07:31:36 GMT
accept-ranges: bytes
etag: "aeea9f60c2b6d81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31207
cache-control: public, max-age=1056
expires: Wed, 14 Sep 2022 17:49:17 GMT
date: Wed, 14 Sep 2022 17:31:41 GMT
X-Firefox-Spdy: h2
hstgroup.it/img/logo.png
200 OK 705 B IP
File type PNG image data, 166 x 69, 8-bit colormap, non-interlaced\012- data
Hash 5f64af359bc0173d80c45a0bf749298a
4ce4564d4588f50209df599eab841b35a407ca11
e2933938c23a30ea850364aaeb90595b2f3094ec127a526a3cab5dc5ec36fd60
GET /img/logo.png HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: image/png
content-length: 705
vary: User-Agent
x-accel-version: 0.01
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
etag: "2c1-5e3bee6aff790"
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 17:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 17:39:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iHujt9YCxAK1PnntK-TOmkU4iugMfYO4IAKbvQKX16xjvguuCYrJNg==
Age: 1699
hstgroup.it/loghi.png
200 OK 18 kB IP
File type PNG image data, 233 x 402, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c91e7b29b1a39a37f3cd7d949e9756d
a4a0a795afe2ef094c9fe83edb2c7c2fe8895d7f
ff195a2f3eace7b2e479cef4b2edef404e322169fe7f8a279950f602d3688110
GET /loghi.png HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: image/png
content-length: 17854
last-modified: Tue, 06 Sep 2022 14:45:02 GMT
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: "63175cee-45be"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iubenda.com/cookie_solution/iubenda_cs/1.41.0/core-it.js
200 OK 61 kB URL HTTP/2 cdn.iubenda.com/cookie_solution/iubenda_cs/1.41.0/core-it.js
IP
File type Unicode text, UTF-8 text, with very long lines (65288), with no line terminators
Hash 3cf9ededcf84a86cb422a3990e289c4d
6b2b00b0c7d207597e21d3479d0c850075cfb976
190097e0437ce3588cdf80f74529e5612122ab3a5aa46191f37b2bfdf600aa5e
GET /cookie_solution/iubenda_cs/1.41.0/core-it.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: br
content-type: application/javascript
etag: "631ae48f-edeb"
last-modified: Fri, 09 Sep 2022 07:00:31 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 60907
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
expires: Thu, 14 Sep 2023 17:31:41 GMT
date: Wed, 14 Sep 2022 17:31:41 GMT
X-Firefox-Spdy: h2
hstgroup.it/img/mondo.jpg
200 OK 21 kB URL HTTP/2 hstgroup.it/img/mondo.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1124, components 3\012- data
Hash 6632dd357a47c85acb7c6631670d5dc7
ec332a183c9d38ff6047a5616b8d144aef79be60
2ab3f86e2220f4b2abc4da4beaa9596ccd3f912d6f38e66dc9713380dad067c1
GET /img/mondo.jpg HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/css/frontend/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: image/jpeg
content-length: 20704
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: "62cfc681-50e0"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hstgroup.it/css/frontend/main.css
200 OK 12 kB URL HTTP/2 hstgroup.it/css/frontend/main.css
IP
Hash 59678a55e131c326543e0bc1675b4b70
5603fd8a8527dd0f7f6b2eb8f3ba63d8128f7df5
d821aa18cad237ff5d2c2f0d429d0cd85daeb9aa5f02410a7710fea5a05d258f
GET /css/frontend/main.css HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: text/css
last-modified: Thu, 14 Jul 2022 07:32:18 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: W/"62cfc682-11648"
x-cache-status: MISS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/img/img.jpg
200 OK 68 kB IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1200x349, components 3\012- data
Hash fac8884624f1be2ea203fb704b3dbbfc
a4eba67e940798fca6d0db81079c3c054f72cbbd
5baf1183ba2c7c0528b145dcbf03a20ccd0819516ba231ef113cc7cab56974a3
GET /img/img.jpg HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/css/frontend/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: image/jpeg
content-length: 67588
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: "62cfc681-10804"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hstgroup.it/assets/fonts/helveticaneueltstd-lt-webfont.woff
200 OK 24 kB URL HTTP/2 hstgroup.it/assets/fonts/helveticaneueltstd-lt-webfont.woff
IP
File type Web Open Font Format, TrueType, length 24404, version 1.0\012- data
Hash a3bcf6b90c829119b78aa346ccc1a237
8e21434395f3757828c3a811778ad54348c8bd35
8a4b590099429b219ec698240863f0643430cdb8363ccdd196982a62286f1959
Analyzer Verdict Alert fortinet Malware
GET /assets/fonts/helveticaneueltstd-lt-webfont.woff HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hstgroup.it/css/frontend/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: application/font-woff
content-length: 24404
last-modified: Thu, 14 Jul 2022 07:32:18 GMT
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: "62cfc682-5f54"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hstgroup.it/assets/fonts/helveticaneueltstd-bd-webfont.woff
200 OK 25 kB URL HTTP/2 hstgroup.it/assets/fonts/helveticaneueltstd-bd-webfont.woff
IP
File type Web Open Font Format, TrueType, length 25284, version 1.0\012- data
Hash 651219d04019dcc494e4144d57761c44
095064077e00ea3c4b9c0934acfd3919a8d297e7
1f568e6c824148cb9e7d75ee4fdb1e7ead8debd97bb4ee3f2083899a64204edb
Analyzer Verdict Alert fortinet Malware
GET /assets/fonts/helveticaneueltstd-bd-webfont.woff HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hstgroup.it/css/frontend/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: application/font-woff
content-length: 25284
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: "62cfc681-62c4"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hstgroup.it/assets/fonts/helveticaneueltstd-md-webfont.woff
200 OK 25 kB URL HTTP/2 hstgroup.it/assets/fonts/helveticaneueltstd-md-webfont.woff
IP
File type Web Open Font Format, TrueType, length 25368, version 1.0\012- data
Hash c32be64b17bb0612d209ccd4a24b8915
37f9ce43f375bd9c42d6b864693bb3b124081af8
6921d06bfecbc1046f9abe30c5b8db984204d4cf93b44354a167cd599f362736
Analyzer Verdict Alert fortinet Malware
GET /assets/fonts/helveticaneueltstd-md-webfont.woff HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hstgroup.it/css/frontend/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: application/font-woff
content-length: 25368
last-modified: Thu, 14 Jul 2022 07:32:18 GMT
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: "62cfc682-6318"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 17:31:41 GMT
Last-Modified: Wed, 14 Sep 2022 16:16:58 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
consent.cookiebot.com/89f3e9fa-ff58-48c8-b634-23179dfd0fb1/cc.js?renew=false&referer=hstgroup.it&dnt=false&init=false
200 OK 355 B URL HTTP/2 consent.cookiebot.com/89f3e9fa-ff58-48c8-b634-23179dfd0fb1/cc.js?renew=false&referer=hstgroup.it&dnt=false&init=false
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (367), with no line terminators
Hash 0aed1568c5b7b2a5d93208d84a10eaef
cebf55653c7bd1544ee6d7f9540ed63da4086214
8f0888730bff6cc9f53e02eef0846bc728df5ad4b4f8e80109743a640148360a
GET /89f3e9fa-ff58-48c8-b634-23179dfd0fb1/cc.js?renew=false&referer=hstgroup.it&dnt=false&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=60
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 355
date: Wed, 14 Sep 2022 17:31:41 GMT
X-Firefox-Spdy: h2
www.iubenda.com/cookie-solution/confs/js/85270180.js
200 OK 90 B URL HTTP/2 www.iubenda.com/cookie-solution/confs/js/85270180.js
IP
Hash 2dbbb6757fe03aa9e58c03fb106d25d6
3c5ec0f644248ffc7baa4a506e70ab0edec5b50c
776f7197f2f7132b9c587cac836276bcffa5a16d544e32c6b640fc5634fc68f2
GET /cookie-solution/confs/js/85270180.js HTTP/1.1
Host: www.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 14:45:05 GMT
etag: "63175cf1-5d"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=63072000
content-encoding: gzip
content-length: 90
cache-control: max-age=86400
expires: Thu, 15 Sep 2022 17:31:41 GMT
date: Wed, 14 Sep 2022 17:31:41 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i47RUP+ufZkUVc5wwSFNrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wXGV0UhWMYGxE0b4nVhI38pZimY=
ocsp.sectigo.com/
200 OK 471 B IP
Hash e24cac68f468ec156aa5a905a7325ca6
0e11f60b0179aa9b8faba920ddb59554cf2e0d39
e47725e123b0a4d2eac18aeaf23b7d643700d8d9f985139c4952303233f47cfc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 17:31:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 23:41:07 GMT
Expires: Tue, 20 Sep 2022 23:41:06 GMT
Etag: "0e11f60b0179aa9b8faba920ddb59554cf2e0d39"
Cache-Control: max-age=539964,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74aadb930d46b4e8-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash e24cac68f468ec156aa5a905a7325ca6
0e11f60b0179aa9b8faba920ddb59554cf2e0d39
e47725e123b0a4d2eac18aeaf23b7d643700d8d9f985139c4952303233f47cfc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 17:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 23:41:07 GMT
Expires: Tue, 20 Sep 2022 23:41:06 GMT
Etag: "0e11f60b0179aa9b8faba920ddb59554cf2e0d39"
Cache-Control: max-age=539963,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74aadb93086d0b55-OSL
hits-i.iubenda.com/write?db=hits1
204 No Content 0 B URL HTTP/2 hits-i.iubenda.com/write?db=hits1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /write?db=hits1 HTTP/1.1
Host: hits-i.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Referer: https://hstgroup.it/
Origin: https://hstgroup.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 14 Sep 2022 17:31:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8
X-Firefox-Spdy: h2
hits-i.iubenda.com/write?db=hits1
204 No Content 0 B URL HTTP/2 hits-i.iubenda.com/write?db=hits1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /write?db=hits1 HTTP/1.1
Host: hits-i.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8
Content-Length: 39
Origin: https://hstgroup.it
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 14 Sep 2022 17:31:42 GMT
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://hstgroup.it
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: 18d2cfe4-3453-11ed-a8d0-0242ac110002
x-influxdb-build: OSS
x-influxdb-version: 1.8.2
x-request-id: 18d2cfe4-3453-11ed-a8d0-0242ac110002
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7125
Expires: Wed, 14 Sep 2022 19:30:28 GMT
Date: Wed, 14 Sep 2022 17:31:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7125
Expires: Wed, 14 Sep 2022 19:30:28 GMT
Date: Wed, 14 Sep 2022 17:31:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7125
Expires: Wed, 14 Sep 2022 19:30:28 GMT
Date: Wed, 14 Sep 2022 17:31:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 69996
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:06:54 GMT
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
age: 69889
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 70360
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 13:36:51 GMT
age: 14092
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 51731
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 71129
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hstgroup.it/img/logo.js
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET /img/logo.js HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: application/javascript
vary: Accept-Encoding, User-Agent
x-accel-version: 0.01
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
etag: W/"3db-5e3bee6adffa2"
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
x-cache-status: MISS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/js/newsfade.js
200 OK 0 B URL HTTP/2 hstgroup.it/js/newsfade.js
IP
Analyzer Verdict Alert fortinet Malware
GET /js/newsfade.js HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: application/javascript
vary: Accept-Encoding, User-Agent
x-accel-version: 0.01
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
etag: W/"34e-5e3bee6b260c7"
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
x-cache-status: MISS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/img/credits.png
404 Not Found 0 B URL HTTP/2 hstgroup.it/img/credits.png
IP
GET /img/credits.png HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: text/html
vary: Accept-Encoding, User-Agent
last-modified: Fri, 12 Apr 2019 10:12:45 GMT
etag: W/"412-586528b443c16"
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/favicon.ico
404 Not Found 0 B IP
GET /favicon.ico HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: text/html
vary: Accept-Encoding, User-Agent
last-modified: Fri, 12 Apr 2019 10:12:45 GMT
etag: W/"412-586528b443c16"
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: text/html
last-modified: Tue, 06 Sep 2022 14:45:01 GMT
vary: Accept-Encoding
etag: W/"63175ced-32ea"
x-cache-status: MISS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/js/jquery-1.5.1.min.js
200 OK 0 B URL HTTP/2 hstgroup.it/js/jquery-1.5.1.min.js
IP
Analyzer Verdict Alert fortinet Malware
GET /js/jquery-1.5.1.min.js HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: W/"62cfc681-14d0c"
x-cache-status: MISS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/js/jquery.easing.1.2.js
200 OK 0 B URL HTTP/2 hstgroup.it/js/jquery.easing.1.2.js
IP
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.easing.1.2.js HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 07:32:17 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Fri, 14 Oct 2022 17:31:41 GMT
etag: W/"62cfc681-1295"
x-cache-status: MISS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hstgroup.it/img/credits.png
404 Not Found 0 B URL HTTP/2 hstgroup.it/img/credits.png
IP
GET /img/credits.png HTTP/1.1
Host: hstgroup.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hstgroup.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 14 Sep 2022 17:31:41 GMT
content-type: text/html
vary: Accept-Encoding, User-Agent
last-modified: Fri, 12 Apr 2019 10:12:45 GMT
etag: W/"412-586528b443c16"
content-encoding: br
X-Firefox-Spdy: h2
80.88.87.135
34.117.237.239
93.184.220.29
104.18.32.68
23.36.76.226
104.66.117.233