b.54-234-97-169.cprapid.com/
54.234.97.169301 Moved Permanently 244 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 228d3355e60e3b91483e73b1f96ead6c
bf1bd5c4a495c06f948d2d84e667a2cbc9bdfea7
7d9128e3da75c2c89df1b0906a490ae7b74a6a5d2355d8bf845ecbc14caf8bcd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 01:18:32 GMT
Server: Apache
Location: https://b.54-234-97-169.cprapid.com/
Content-Length: 244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6868
Expires: Sun, 05 Feb 2023 03:13:00 GMT
Date: Sun, 05 Feb 2023 01:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10411
Expires: Sun, 05 Feb 2023 04:12:03 GMT
Date: Sun, 05 Feb 2023 01:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18019
Expires: Sun, 05 Feb 2023 06:18:51 GMT
Date: Sun, 05 Feb 2023 01:18:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 00:43:39 GMT
content-type: application/json
age: 2093
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EgHfxq393219/peoeLt86hc5HMtE1vg3mmK0/im45pXcXaxVkgaIIXsoCRvn99iaaSRvSLKe8jU=
x-amz-request-id: Q7VEVFRKJPYG39S2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 00:53:03 GMT
age: 1529
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 01:18:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 01:07:20 GMT
age: 672
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7420
Expires: Sun, 05 Feb 2023 03:22:13 GMT
Date: Sun, 05 Feb 2023 01:18:33 GMT
Connection: keep-alive
b.54-234-97-169.cprapid.com/
54.234.97.169200 OK 29 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f4a0ffe2c94513d929c6b54efcb25dde
db0f73de00bbef3c72016c8e39b1eb9c8a4d7085
a750c9c673c7ce5933030d9a9a8e435c7b1ffa41eed366fc3985bdbec73aad83
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:32 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js
2.18.172.233200 OK 67 kB URL HTTP/2 assets.adobedtm.com/launch-EN592261e36dc14b10a9936e854a4b30db.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32762)
Hash 6718be2aa951f2087607e504ca009399
8079a6d0723ad4094601bfa9d43c008cbdd52c59
b43d95110f3ddde377cdcce689547ed9e1c75b41f7265dadfc5f6cde1ef20b68
GET /launch-EN592261e36dc14b10a9936e854a4b30db.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a8748c1a3dc6086fb36b7406d543d2b5:1672761833.817218"
last-modified: Tue, 03 Jan 2023 16:03:53 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 66985
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 02:18:33 GMT
date: Sun, 05 Feb 2023 01:18:33 GMT
access-control-allow-origin: https://b.54-234-97-169.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.5.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.5.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p2w+ExDYH5qFYzBGTrUDSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xRnnOkUyap0467dXIoSF+dN+xM8=
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/owl.carousel.css
54.234.97.169200 OK 4.6 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/owl.carousel.css
IP 54.234.97.169:0
Hash b51416af9e8adbe3d16f5f2526aba221
097c8d67412f44534449ed4cadc6dd22b025801d
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/owl.carousel.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:04 GMT
Accept-Ranges: bytes
Content-Length: 4614
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
54.234.97.169200 OK 416 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
IP 54.234.97.169:0
Hash a00dda3f91b12b16ef9736f89c1d5042
0ad4a038ed350f7a4bbb738849f876eeced6c1d3
0da7a1b970b5c8e4c5f781761450c034462288a375d5c189f7e90027207f3524
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/base.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:01:22 GMT
Accept-Ranges: bytes
Content-Length: 416
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/bootstrap/css/bootstrap.min.css
54.234.97.169200 OK 122 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/bootstrap/css/bootstrap.min.css
IP 54.234.97.169:0
File type ASCII text, with very long lines (64985)
Size 122 kB (122291 bytes)
Hash 6181a38a601eb664522623bae7db95c9
9671b5fc92e27a915769b59bc60bf26fde343d7e
8b922a249c9f81562d99eee24407bf38c7feac74a10dfe712292c0b032144dfa
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:50 GMT
Accept-Ranges: bytes
Content-Length: 122291
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/retina.css
54.234.97.169200 OK 115 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/retina.css
IP 54.234.97.169:0
Hash ee5d2b27eb8a486f46909f007cd2c3bc
f1b58d02621607b7cbe1c775a5c04572fd2859ce
63ae9fac5779ea8db4b2bf9adebfb54f5651b105e4a935b3f4c42308e3ab8557
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/retina.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Mon, 18 Oct 2021 23:21:36 GMT
Accept-Ranges: bytes
Content-Length: 115
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png
13.107.238.53200 OK 5.0 kB URL HTTP/2 www.poste.it/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 110 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e9962a2babbe39b3725e2a13d7b233d
e67105271b1076016a630071a3a231e0084e96ed
ccb7ecb1eadb470600c66ed9548f5dd49cfbbbd67eb34f9d4437eeec55c69212
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-small.png HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 4959
content-type: image/png
expires: Sun, 05 Feb 2023 02:18:33 GMT
last-modified: Wed, 21 Dec 2022 14:55:14 GMT
accept-ranges: bytes
etag: "63a31e52-135f"
x-cache: CONFIG_NOCACHE
x-azure-ref: 06QPfYwAAAAAodEqfYSQfTbLDaP+zkB47Q1BIMzBFREdFMDQwOABiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Sun, 05 Feb 2023 01:18:33 GMT
X-Firefox-Spdy: h2
www.poste.it/bowser.js
13.107.238.53200 OK 17 kB IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 971b649748eb819a7f4c8cdc4805376c
f520540daa055e999dd6599e6e7e9f977899a8f6
61e2728bce5b153ccca7fd7ffe0a98a29dbfb0218300a39dd0cf0535635683f2
GET /bowser.js HTTP/1.1
Host: www.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600,public
pragma: public
content-length: 16647
content-type: application/javascript
expires: Sun, 05 Feb 2023 02:18:33 GMT
last-modified: Wed, 20 Oct 2021 13:58:32 GMT
accept-ranges: bytes
etag: "61702088-4107"
x-cache: CONFIG_NOCACHE
x-azure-ref: 06QPfYwAAAAB5GogaDVwZQrLP4ietVgcMQ1BIMzBFREdFMDQwOABiZWE0YWQ2MS1kNWI2LTRmYmYtOWYyMC04NzJlNzI1N2U1NmE=
date: Sun, 05 Feb 2023 01:18:33 GMT
X-Firefox-Spdy: h2
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/utilita.js
54.234.97.169200 OK 14 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/utilita.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (534)
Hash 15e270138da3a46ed6a82f192fa0cf5c
86f7a03b47e1d63a8b5aecdb15be546aa7ec057a
ca9c7a3760bf9bf10d8386938fdce15b4327a4158bd836a446c2d4af3aa2d88d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/utilita.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:26:04 GMT
Accept-Ranges: bytes
Content-Length: 13994
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/megamenu-pi.css
54.234.97.169200 OK 26 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/megamenu-pi.css
IP 54.234.97.169:0
Hash 91a45dd5d6409bb0a5db3104a2f6c543
933b6e5b6acac709ff1e36d52135bf819df48507
89c0e53575ae03072f5b2a9d587c1611bad7a22090382318c391756dcf6e812c
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/megamenu-pi.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:02 GMT
Accept-Ranges: bytes
Content-Length: 26357
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/poste-it.js
54.234.97.169200 OK 5.6 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/poste-it.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (326)
Hash 11ed8d787ab28bb7faad321627cbf050
a82e0d6e34c4c166a1d0eb05907cbca2db830886
ee466faaa33a9e0c8786659f3a54c09fb056815dac6059867937a31797fa7929
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/poste-it.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:40 GMT
Accept-Ranges: bytes
Content-Length: 5588
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css
54.234.97.169200 OK 18 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/stili/custom-form-element.css
IP 54.234.97.169:0
File type ASCII text, with very long lines (376)
Hash eb65c2ea5d0082591243aee8425d4eff
a5adf6ce96c015f865a93d54b930cdfd5c6c669a
2213c377877c722511173afad5794c4ca2fce629c79d26a4df200fc4ab3f06f3
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/applicazioni/trasversali/stili/custom-form-element.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:00 GMT
Accept-Ranges: bytes
Content-Length: 18280
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js
54.234.97.169200 OK 7.5 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/scroll-pi.js
IP 54.234.97.169:0
Hash 1019dc04b5f21a58f899ef6a5c0391d3
b39e7c8581a6b06a46911b64dbd1e81472971b62
e40c7597c5edee3bddede5398bfa7a3a25acd5e081138da68da133eb4ea8b822
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/scroll-pi.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:42 GMT
Accept-Ranges: bytes
Content-Length: 7538
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/slick.min.js
54.234.97.169200 OK 42 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/slick.min.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (32076)
Hash 14c2e83236ae603c42164f30103634c6
1b2bad348d7fb92022c2218882242ee6223b46b6
6fa18ab0db86897ea250d65eda6233b1533fdf7f94c9d44a6af2ee16af8242ab
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/slick.min.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:44 GMT
Accept-Ranges: bytes
Content-Length: 41953
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js
54.234.97.169200 OK 8.9 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/jquery.hc-sticky.min.js
IP 54.234.97.169:0
File type exported SGML document, ASCII text, with very long lines (8423)
Hash 0cef027039bf8251fa53f22336981780
02f550f2117d54683191a964e0b54f3c253bb1b3
ce237a2bc80dd06901d9d66d3d6fd1a634157389d2daeabb377caab879ce3a02
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/jquery.hc-sticky.min.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:32 GMT
Accept-Ranges: bytes
Content-Length: 8885
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js
54.234.97.169200 OK 14 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/megamenu-pi.js
IP 54.234.97.169:0
Hash 250bfa1bdb9cc3ed6b8a48a5f2281784
092938daea2f1352513f18a21e27d4a9860bc31f
c5d5b2ba0288caa7178d3999dd5478ab6c9d2f6528ee421fa0af724cb8c94035
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/megamenu-pi.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:38 GMT
Accept-Ranges: bytes
Content-Length: 14476
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js
54.234.97.169200 OK 7.8 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/jquery.mobile.custom.min.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (7687)
Hash 74ee4c679b03074b55a1da9bbbe29cf5
745701d8ab39733f989313a5747c54cf3248eb5b
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/jquery.mobile.custom.min.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:36 GMT
Accept-Ranges: bytes
Content-Length: 7784
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js
54.234.97.169200 OK 6.8 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (338)
Hash 0db4764d4e4e66899267d79703fe99ce
816c19ddfe3088858714d0ba55a646f5df09321a
aa3b054914a360287080d0bf7946f5fc59aab7ed99e2299ba2fc94c16f29f075
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/applicazioni/trasversali/javascript/custom-form-element.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:48 GMT
Accept-Ranges: bytes
Content-Length: 6831
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js
54.234.97.169200 OK 3.0 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/javascript/utilita-app.js
IP 54.234.97.169:0
Hash 9aa07ea97efef38c156c5065ec6b040e
3d25ced0d2bbac415a0f583f54bc270b7b051a45
9bdd42402354335825af6f1b45bb83f645c16199d4bc7ee5f428efb3dbfef811
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/applicazioni/trasversali/javascript/utilita-app.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:52 GMT
Accept-Ranges: bytes
Content-Length: 2983
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js
54.234.97.169200 OK 3.8 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/jod-fcc/posteID/x-jod-poste-id.js
IP 54.234.97.169:0
File type ASCII text, with CRLF line terminators
Hash fec7eb85618cb63c3fb5b3efee61d2b2
9c120ed394fa9ddf75062361fc00c073d3ace5aa
12359170db0ece19b214a4f15092e82199ca7b179bc8ef4ffa722918f4623b46
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /jod-fcc/posteID/x-jod-poste-id.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:43:24 GMT
Accept-Ranges: bytes
Content-Length: 3812
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js
54.234.97.169200 OK 14 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-rsa-2/hashtable.js
IP 54.234.97.169:0
File type ASCII text, with CRLF line terminators
Hash f47c9a2aad50eddc384597280522f86a
73500eb3a7b9c96d0b6f075bc7a742dfe014a2a1
138143108101149f64bcda5fe38cdd2f3f2139cc957b45949e71fac33ea94482
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /jod-fcc/resources/portal/js-rsa-2/hashtable.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:12 GMT
Accept-Ranges: bytes
Content-Length: 14081
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js
54.234.97.169200 OK 97 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/jquery.min.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/jquery.min.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:34 GMT
Accept-Ranges: bytes
Content-Length: 97163
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js
54.234.97.169200 OK 2.9 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (597), with CRLF line terminators
Hash 03aea05809bf32353408cb78cdf40f08
5bfe199b18c64b584d8bc98308c769c8e32b331a
9b8d058f857c6ca7f7d4c0ef2e800c6884d6a89bb52cb294774505d1d3c7283b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /jod-fcc/resources/portal/js-rsa-2/pbase-css-poste.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:16 GMT
Accept-Ranges: bytes
Content-Length: 2915
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/start-script.js
54.234.97.169200 OK 23 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/javascript/start-script.js
IP 54.234.97.169:0
File type Unicode text, UTF-8 text, with very long lines (306)
Hash ed56f6a18269e8a0626db5de25f3f657
c850fa6c06893edb1926db33bf7d13971f6e2ad5
4d43fc9cc16f5907f1a85777ae1e40d4e520a10302c424c505325723b64ea160
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/javascript/start-script.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:46 GMT
Accept-Ranges: bytes
Content-Length: 22866
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js
54.234.97.169200 OK 39 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-rsa-2/rsa.js
IP 54.234.97.169:0
File type ASCII text, with very long lines (2059), with CRLF line terminators
Hash 5791e2f173300646df45d5698867dc27
b28280fcfccd6891e88d912834062ee18e9f7333
a8e90848cdc80b7134da128a50574ec9f913f947ce72a769d392177eb8647377
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /jod-fcc/resources/portal/js-rsa-2/rsa.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:33 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:44:20 GMT
Accept-Ranges: bytes
Content-Length: 39372
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js
54.234.97.169200 OK 694 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js
IP 54.234.97.169:0
Hash b5a0dd7ce1f7c1c6b80b5abe13308dd2
6cc4835430ac4ba8845fd02efdb5688166a5ed8a
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/bootstrap/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:00 GMT
Accept-Ranges: bytes
Content-Length: 694
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/typography.css
54.234.97.169200 OK 5.1 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/typography.css
IP 54.234.97.169:0
File type assembler source, ASCII text
Hash 9bc1f2ccabef97230a29e52bb7d71e2e
c2cc92960a2674ffa0c8d32b2133e596b3613630
2a96cd832563fdde56f4c71a663dd68bd9202eeed6a4c2c525e3275e4e68be06
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/typography.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:10 GMT
Accept-Ranges: bytes
Content-Length: 5123
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
54.234.97.169200 OK 4.5 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
IP 54.234.97.169:0
Hash c26ff7c37210341d690599a8a2310737
3127758f8fcf89472099f6963b90464cbe3b01b9
f4e596fd7ef88f965cc4df8dd6895f65cbdb0d2f49e58bfc5c4832675318ddc0
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/fonts.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:10:22 GMT
Accept-Ranges: bytes
Content-Length: 4511
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/spaces.css
54.234.97.169200 OK 30 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/spaces.css
IP 54.234.97.169:0
Hash a0339ef2039b90034b16e341e508b5e8
dab67a84e5a8228a6f9ed90f05b8a7b983912b3c
9fb634a5bbfbee4fc2503595fa18a98142ca8cf0bb29984d065edfeef0006bdd
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/spaces.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:49:08 GMT
Accept-Ranges: bytes
Content-Length: 29954
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js
54.234.97.169200 OK 69 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/bootstrap/js/bootstrap.js
IP 54.234.97.169:0
Hash e3676b6eb90f0f6739c89d56a3efa245
83188f24cfbd8e33b69b23139202c0cf2f390063
31d80f65a2c078aa3ca5051504f29d8986df61f04bc998036527374eef1c286b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/bootstrap/js/bootstrap.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:47:58 GMT
Accept-Ranges: bytes
Content-Length: 69214
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/alignment.css
54.234.97.169200 OK 2.7 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/alignment.css
IP 54.234.97.169:0
File type assembler source, ASCII text
Hash 2b774691bee7183287e841ed3287c1c1
bb03284b1ee77d718adee2286f8ce20e42f0e9c6
8d4821ff1de6348bb012672849a8205eb9833edde9b1e417f2fa5365261c08bf
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/alignment.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:50 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/extra.css
54.234.97.169200 OK 5.0 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/extra.css
IP 54.234.97.169:0
Hash 6845e4602367a2454bf3a8aa15d014a6
841e011124cb8f568f3c2d8bfcb3013ea6f042fd
dc4a581b65b22475fbb99580954525d488986dc35b37b19310d30a0598a32fde
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/extra.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:48:58 GMT
Accept-Ranges: bytes
Content-Length: 4991
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
54.234.97.169200 OK 214 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
IP 54.234.97.169:0
Size 214 kB (213450 bytes)
Hash f938de6880813c3c7b2a30b28a6c0da8
19d93950a34345d83dfc8096214d6082c2d6706a
1f615511776a12840fb4cccea90ef49bc3c6bc0d430932bd6f219e82e13c025b
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/base-element.css HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2021 13:01:52 GMT
Accept-Ranges: bytes
Content-Length: 213450
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/small-modal-ico-bp-pp.png
54.234.97.169200 OK 13 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/small-modal-ico-bp-pp.png
IP 54.234.97.169:0
File type PNG image data, 132 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash 22e37aed1a37a4d10a2c011e969a1337
05d054f563899fffd3ffd4f5cba486c5273d17d9
d4a66d846de1a39c49b3d03f1c4c4d21cd9f5436f362b7a72fd2eb773f6cfaca
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt_ext/icone/small-modal-ico-bp-pp.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:20 GMT
Accept-Ranges: bytes
Content-Length: 12995
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/empty-profile.png
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/empty-profile.png
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/ico-bp.png
54.234.97.169200 OK 3.5 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/ico-bp.png
IP 54.234.97.169:0
File type PNG image data, 45 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d96bc9b08477815ed8655ced98af0ac
04b6fa972775456746a7cfeba72f3878cf904183
d7f9c88c4f19de13e5ef1040c08cd72970808301de221e2ea7acfc71bf802cc1
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt_ext/icone/ico-bp.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:12 GMT
Accept-Ranges: bytes
Content-Length: 3511
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/ico-pp.png
54.234.97.169200 OK 3.0 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/ico-pp.png
IP 54.234.97.169:0
File type PNG image data, 45 x 44, 8-bit/color RGB, non-interlaced\012- data
Hash b58f05ef3e25628af63aca1f633afef2
ed29c9437597aed2c13291305a262d03684d8910
068347897472440f46e706b2d61c77ec861e2facb34b567e2e2c851ae1bc4dea
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt_ext/icone/ico-pp.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:16 GMT
Accept-Ranges: bytes
Content-Length: 2957
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
b.54-234-97-169.cprapid.com/.jod-fcc/qrr.png
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/.jod-fcc/qrr.png
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /.jod-fcc/qrr.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
2.18.172.233200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32717)
Hash 9edbefe8919a34cc9ec5343e49caf90d
9e8f2b92a35df8e01814e558d10248a928ea2504
c276e66ee697edfb8fbe70a13d6cb8498b21fb998d10d6faaf3999f34f5525cc
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12384
expires: Sun, 05 Feb 2023 02:18:34 GMT
date: Sun, 05 Feb 2023 01:18:34 GMT
cache-control: no-cache
access-control-allow-origin: https://b.54-234-97-169.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
2.18.172.233200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (3138)
Hash dbb5211703cf7696d634360cc8874fa7
9231e7ebe8096b629c9ac522e41f8c2a8013db99
535a218392da01549f9fd640908f59c213e809c2db778c36094e3a84959106df
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1598
expires: Sun, 05 Feb 2023 02:18:34 GMT
date: Sun, 05 Feb 2023 01:18:34 GMT
cache-control: no-cache
access-control-allow-origin: https://b.54-234-97-169.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6330
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sun, 05 Feb 2023 01:18:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6330
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sun, 05 Feb 2023 01:18:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6330
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sun, 05 Feb 2023 01:18:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6330
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sun, 05 Feb 2023 01:18:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f4a8749b09484bfc2a8fe4b33c69624
299d7514cf29c2dbd919581883239ef44c0984dd
22a61b6e7b48eeb44339469a353efdef0dc089be670fb490627dd33adc59168b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4526
x-amzn-requestid: 0942d90f-c9a6-40e6-9439-5da97a42cd35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fye2wEngoAMFmGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddab5e-5d3234d519561b4040eff4c3;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:48:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WqipgPOkYYXuD4D0MYHUEn4Gusno3xTQyHrwq-XlF9mwiPP0BtQGWg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 09:56:11 GMT
age: 55343
etag: "299d7514cf29c2dbd919581883239ef44c0984dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bee08788da5b88dde69aeb1d4de005c9
537c7a19a9395a60452b6b0b3ae08d47f4705181
02365d88ae9ff3ace3f29509df0e436ab0838d44714ef0f25dea463d665f794a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 544d13b9-8d45-4029-88e0-280f27cc0fa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi4-SHN1IAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76ec1-3f1ee84f53fe45cc01439a28;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TtyPO9j12ZpU3XdElRgCrqB4XNERrppavwJZJn5As8mqjjDLyZBmsw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
age: 12895
etag: "537c7a19a9395a60452b6b0b3ae08d47f4705181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dvxlk1iSyNfjmNRI_8HcmhG9_xe0ZlaZ0Pzj0H9EBR6wwXKg0L7YVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 05:55:27 GMT
age: 69787
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 43968
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f28ffcf384ce958b6302d05b6690c088
e5d4cbfc7482d35ee2ca03a7178426f3e2e97010
725d42a020d496f596074794cc2abdaca8a9b821e1a3502eee26056d0f528506
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7665
x-amzn-requestid: 001ba86d-ebc8-4819-89f7-1604bc059cd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGibFeqIAMFqMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8475-076d982b5fccf2b931a05976;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gnkjykHYcMthJkIb-A1P1rRw9FZieh3TmoTT3qVaceWw03TQNX8qfQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:32:24 GMT
age: 9970
etag: "e5d4cbfc7482d35ee2ca03a7178426f3e2e97010"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 11256
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/jod-fcc/resources/portal/js-polling/jdpolling.js
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /jod-fcc/resources/portal/js-polling/jdpolling.js HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCce78d2ba79364101b982bf481cca240c-source.min.js
2.18.172.233200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCce78d2ba79364101b982bf481cca240c-source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (3366)
Hash 7e6264ecc75f3523299c0c87e37142d6
f1ce41e1309db63d9193a6c470cb23937c12911d
6237aae5a11faff19cfbc09cbc47cab5b61014e465c9259a5246c6e42f3ba246
GET /4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCce78d2ba79364101b982bf481cca240c-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "157831d66f312d49aa942950fc941437:1672761834.591696"
last-modified: Tue, 03 Jan 2023 16:03:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1104
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 02:18:34 GMT
date: Sun, 05 Feb 2023 01:18:34 GMT
access-control-allow-origin: https://b.54-234-97-169.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCace12870bc974581b26b193857913875-source.min.js
2.18.172.233200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCace12870bc974581b26b193857913875-source.min.js
IP 2.18.172.233:0
File type HTML document, ASCII text, with very long lines (3225)
Hash 1791176d104c8c0e300eb1a4c5b06bb3
3aeb7fe2c23bf280c2289f13c4372267b651f0e2
cfba455d8f73debc9c5594beaaaebe4fa4ee10216ac9a50757968de9e47a47f3
GET /4d622ce80bd2/66013fe91d66/9f1c66cb2727/RCace12870bc974581b26b193857913875-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "157831d66f312d49aa942950fc941437:1672761834.591696"
last-modified: Tue, 03 Jan 2023 16:03:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1073
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 02:18:34 GMT
date: Sun, 05 Feb 2023 01:18:34 GMT
access-control-allow-origin: https://b.54-234-97-169.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js
2.18.172.233200 OK 1.2 kB URL HTTP/2 assets.adobedtm.com/4d622ce80bd2/66013fe91d66/9f1c66cb2727/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (2795)
Hash 7ab934797af682d79b4053afb8e791b5
b8eebb3755b6c7f539169f770a713e114ef5a1e7
9b5c69a34cc80d2b39456ec2425de36cde7e8e8d2c16b94338c562188da996e9
GET /4d622ce80bd2/66013fe91d66/9f1c66cb2727/RC0571d095fad64781ad9ad87fc8a7eda3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "157831d66f312d49aa942950fc941437:1672761834.591696"
last-modified: Tue, 03 Jan 2023 16:03:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1210
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 02:18:34 GMT
date: Sun, 05 Feb 2023 01:18:34 GMT
access-control-allow-origin: https://b.54-234-97-169.cprapid.com
timing-allow-origin: *
X-Firefox-Spdy: h2
b.54-234-97-169.cprapid.com/.jod-fcc/qrr.png
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/.jod-fcc/qrr.png
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /.jod-fcc/qrr.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/empty-profile.png
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/empty-profile.png
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt_ext/icone/empty-profile.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane-medium.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/immagini/eye.png
54.234.97.169200 OK 645 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/applicazioni/trasversali/immagini/eye.png
IP 54.234.97.169:0
File type PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dfd11f759177ca66df6bfb649fa131c
8151b051d99d5988a9761adcc40089bfb20f5576
5931ba755c44c364f074f95a904536fb4076da4e44c811a1934c5fff735c39c4
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/applicazioni/trasversali/immagini/eye.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:46:32 GMT
Accept-Ranges: bytes
Content-Length: 645
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/stili/trasversali/risorse_dt/condivise/immagini/icone/icone-default-on/ico-torna-indietro.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/base-element.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/bg-qrcode.png
54.234.97.169200 OK 5.3 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt_ext/icone/bg-qrcode.png
IP 54.234.97.169:0
File type PNG image data, 624 x 210, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ed242012ee510aca41b30408eb02cc7
957fd32bcb5bc79b1f6e7795e2c6a6444dc462f0
bf6bcbcf84ff0f18c4110fa868c29ff14aef2458be49afd0ffe37e5f9cd74950
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt_ext/icone/bg-qrcode.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Tue, 21 Jul 2020 12:31:04 GMT
Accept-Ranges: bytes
Content-Length: 5348
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
IP 142.250.74.163:0
Hash 5a32b157568ccb90902c237b8e94279e
3b25bd8c9a6021eab7780cc9f080851bbcdfdbab
3d4542bd0cf1b748912a495dfd661b68a5cf7b77ccab329396d31ba5bc1a1c3a
POST /s/gts1p5/97q-VzuQ-Mw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 01:18:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff
54.234.97.169200 OK 32 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff
IP 54.234.97.169:0
File type Web Open Font Format, TrueType, length 32412, version 1.0\012- data
Hash e49b4a99e99a162382c9135468cdff61
6fe7b52d7195d20e9d8ad05d4068dd87ddaeff76
0fa4aee030662ed700dc5cb2e13e52b85fb1254a195d9ab0a1a10d79e645c8f8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/fonts/texta/Texta-Book/Texta-Book.woff HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:53:54 GMT
Accept-Ranges: bytes
Content-Length: 32412
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff
b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff
54.234.97.169200 OK 32 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff
IP 54.234.97.169:0
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/fonts/texta/Texta-Regular/Texta-Regular.woff HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:16 GMT
Accept-Ranges: bytes
Content-Length: 32376
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff
b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff
54.234.97.169200 OK 33 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff
IP 54.234.97.169:0
File type Web Open Font Format, TrueType, length 32756, version 1.0\012- data
Hash ddcb123ab58089ce07fa2d0e767decc4
b6bdcb18d6e6c3a28a40a041324001c794375c85
98a9f23066501d2b1676f72a2feb355caa114d4dffce7bae927083af92ccd6c9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/fonts/texta/Texta-Medium/Texta-Medium.woff HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:10 GMT
Accept-Ranges: bytes
Content-Length: 32756
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff
b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff
54.234.97.169200 OK 32 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff
IP 54.234.97.169:0
File type Web Open Font Format, TrueType, length 31976, version 1.0\012- data
Hash dcdd69e7910e57b0adc381e0fcf93e3e
21fd668706b3cd97f1b5df0c61ac4b05ab0bdf29
e3e914fafd966522cc6e0db2355a72202ece3052e768b0e34d05bdc4d26bf489
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /risorse_dt/condivise/fonts/texta/Texta-Light/Texta-Light.woff HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/risorse_dt/condivise/stili/trasversali/fonts.css
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:54:02 GMT
Accept-Ranges: bytes
Content-Length: 31976
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff
b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
54.234.97.169200 OK 34 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
IP 54.234.97.169:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 442d51dab3205cf4c81de67e4bafdbda
52726f8f87116bd1fd03e9d99c0bb22afd168937
ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/immagini/generiche/spinner_giallo.gif HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Thu, 18 Jun 2020 06:50:40 GMT
Accept-Ranges: bytes
Content-Length: 33869
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png
54.234.97.169200 OK 7.3 kB URL HTTP/1.1 b.54-234-97-169.cprapid.com/risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png
IP 54.234.97.169:0
File type PNG image data, 388 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f334889f79c8a60aca123b6f0e77cd6
b24faf71ad0f3fdb6228e8c101190aafa12b9216
f73f55b1729c6267bf5137b3de7a4e3a842780a87d7a918e878ff63437bb6a87
Analyzer Verdict Alert quad9 Sinkholed
GET /risorse_dt/condivise/immagini/loghi/logo-poste-italiane.png HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:34 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 02:33:04 GMT
Accept-Ranges: bytes
Content-Length: 7296
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.globalsign.com/gsrsaovsslca2018
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.66.133:0
Hash cd22c01043997628850f10bcfe6b305b
446fd94a6cdc612797c30169436fa2a53e255586
1af0e85babb49c7979b1a10c4b11a963a3b9ace3d451d0f2231044483105ab0c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 23:39:28 GMT
ETag: "446fd94a6cdc612797c30169436fa2a53e255586"
Last-Modified: Sat, 04 Feb 2023 23:39:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 01:18:35 GMT
Age: 0
X-Served-By: cache-qpg1223-QPG, cache-bma1674-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1675559915.994133,VS0,VE190
widget.poste.it/js/custom.js
62.241.5.94200 OK 31 kB URL HTTP/1.1 widget.poste.it/js/custom.js
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type HTML document, Unicode text, UTF-8 text, with very long lines (306)
Hash e84988c180eec87621660bfd18da9af3
043326fe6385ac741d5c44f765dbe5bc9490d83d
05f5bac65a4da7b2658711f9ca44cfa9d17311287dad65f928c0922b4b8f16c2
GET /js/custom.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:35 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:05 GMT
ETag: "7808-5ee8af14ff540"
Accept-Ranges: bytes
Content-Length: 30728
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=84
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4837206a8cfc4c9dc2b6c4248f4bbc95
005dd2dadbf30e938e51b94bd3889c30c7a4c4bf
40631588446256234c01c152fa9a5937c832322e9903b4c8674fa1bb892e6ffc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6563
Cache-Control: max-age=85782
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 01:18:35 GMT
Etag: "63dd965e-139"
Expires: Mon, 06 Feb 2023 01:08:17 GMT
Last-Modified: Fri, 03 Feb 2023 23:18:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 73904ce8b9f54f1a139d128f80e73cc2
51bdabba475b242d329a2526f7cde71a33b27ae2
e97a9086bd4690d8bae30211edd3bb4784fc570be218287cd1172fb2468fc79c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 05:29:14 GMT
Expires: Sat, 11 Feb 2023 05:29:13 GMT
Etag: "51bdabba475b242d329a2526f7cde71a33b27ae2"
Cache-Control: max-age=532837,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947d01fade0b511-OSL
b.54-234-97-169.cprapid.com/favicon.ico
54.234.97.169404 Not Found 315 B URL HTTP/1.1 b.54-234-97-169.cprapid.com/favicon.ico
IP 54.234.97.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: b.54-234-97-169.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: PHPSESSID=db998a387a5777200a4ae2587548ba02; s_fid=4F2E44E070DEA300-0A05ACD1513A41D5; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 01:18:35 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s46566787434239?AQB=1&ndh=1&pf=1&t=5%2F1%2F2023%201%3A19%3A12%200%200&fid=4F2E44E070DEA300-0A05ACD1513A41D5&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b.54-234-97-169.cprapid.com%2F&c2=b.54-234-97-169.cprapid.com%2F&v2=b.54-234-97-169.cprapid.com%2F&v32=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
15.236.117.205302 Found 0 B URL HTTP/2 posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s46566787434239?AQB=1&ndh=1&pf=1&t=5%2F1%2F2023%201%3A19%3A12%200%200&fid=4F2E44E070DEA300-0A05ACD1513A41D5&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b.54-234-97-169.cprapid.com%2F&c2=b.54-234-97-169.cprapid.com%2F&v2=b.54-234-97-169.cprapid.com%2F&v32=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 15.236.117.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s46566787434239?AQB=1&ndh=1&pf=1&t=5%2F1%2F2023%201%3A19%3A12%200%200&fid=4F2E44E070DEA300-0A05ACD1513A41D5&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b.54-234-97-169.cprapid.com%2F&c2=b.54-234-97-169.cprapid.com%2F&v2=b.54-234-97-169.cprapid.com%2F&v32=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: posteitalianespa.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-origin: *
vary: Origin
date: Sun, 05 Feb 2023 01:18:35 GMT
content-type: text/plain;charset=utf-8
expires: Sat, 04 Feb 2023 01:18:35 GMT
last-modified: Mon, 06 Feb 2023 01:18:35 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_oplkzx7Eoo1pizmx7Ess1oplkz1vkx7Esvx7Eqz=[CS]v4|0-0|63DF03EB[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Tue, 04 Feb 2025 01:18:18 GMT; SameSite=None; Secure
location: https://posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s46566787434239?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F1%2F2023%201%3A19%3A12%200%200&fid=4F2E44E070DEA300-0A05ACD1513A41D5&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b.54-234-97-169.cprapid.com%2F&c2=b.54-234-97-169.cprapid.com%2F&v2=b.54-234-97-169.cprapid.com%2F&v32=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
widget.poste.it/json/widgetLabels.json
62.241.5.94200 OK 7.1 kB URL HTTP/1.1 widget.poste.it/json/widgetLabels.json
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash f6bcc872c62240d4339b14acdb952341
2a14c8c5c5513ba23351a67ae1a6f23f95626a23
5dee78278049e1a73e771b2ea7b4d3cbf89f71a2e6c535e07e45ff392cb89fa4
POST /json/widgetLabels.json HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b.54-234-97-169.cprapid.com
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:35 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1bd5-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 7125
Access-Control-Allow-Origin: https://b.54-234-97-169.cprapid.com
Keep-Alive: timeout=278, max=83
Connection: Keep-Alive
Content-Type: application/json
posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s46566787434239?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F1%2F2023%201%3A19%3A12%200%200&fid=4F2E44E070DEA300-0A05ACD1513A41D5&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b.54-234-97-169.cprapid.com%2F&c2=b.54-234-97-169.cprapid.com%2F&v2=b.54-234-97-169.cprapid.com%2F&v32=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
15.236.117.205200 OK 43 B URL HTTP/2 posteitalianespa.sc.omtrdc.net/b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s46566787434239?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F1%2F2023%201%3A19%3A12%200%200&fid=4F2E44E070DEA300-0A05ACD1513A41D5&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b.54-234-97-169.cprapid.com%2F&c2=b.54-234-97-169.cprapid.com%2F&v2=b.54-234-97-169.cprapid.com%2F&v32=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 15.236.117.205:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/posteapp.overall.poste.italiane/1/JS-2.23.0-LCXS/s46566787434239?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F1%2F2023%201%3A19%3A12%200%200&fid=4F2E44E070DEA300-0A05ACD1513A41D5&ce=UTF-8&pageName=Accedi%20o%20Registrati&g=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&c.&getPreviousValue=3.0.1&p_fo=3.0&.c&cc=EUR&c1=b.54-234-97-169.cprapid.com%2F&c2=b.54-234-97-169.cprapid.com%2F&v2=b.54-234-97-169.cprapid.com%2F&v32=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&v46=DEFAULT&v198=2023-01-03T16%3A02%3A29Z&v200=WEB&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: posteitalianespa.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.54-234-97-169.cprapid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 05 Feb 2023 01:18:35 GMT
expires: Sat, 04 Feb 2023 01:18:35 GMT
last-modified: Mon, 06 Feb 2023 01:18:35 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_oplkzx7Eoo1pizmx7Ess1oplkz1vkx7Esvx7Eqz=[CS]v4|4F2E44E070DEA300-A05ACD1513A41D5|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Tue, 04 Feb 2025 01:18:18 GMT; SameSite=None; Secure
etag: 3598237519817670656-4619653124552123355
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 40b7dcf6bd6a14ca9baf819d2d83dbcc
53c7815c810fd495ca3e0d72894f1c5b99fd369e
94ccaeb13c5d2e02f0508cabdb68cb057086098eb46941d266236cc38758965e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 21:46:11 GMT
Expires: Wed, 08 Feb 2023 21:46:10 GMT
Etag: "53c7815c810fd495ca3e0d72894f1c5b99fd369e"
Cache-Control: max-age=332254,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947d021eb13b527-OSL
api.ipify.org/
64.185.227.155200 OK 12 B IP 64.185.227.155:0
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET / HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b.54-234-97-169.cprapid.com
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://b.54-234-97-169.cprapid.com
content-type: text/plain
date: Sun, 05 Feb 2023 01:18:35 GMT
vary: Origin
content-length: 12
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f778d551c0863c1a21556c8505894dff
2eeaa5eaa20a00dcd52e5912430d5a0819495c78
6eeff9b51275defc26c45f86df2f82a3cb5cce699667c36437d76daebffd2369
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:33:41 GMT
Expires: Wed, 08 Feb 2023 23:33:40 GMT
Etag: "2eeaa5eaa20a00dcd52e5912430d5a0819495c78"
Cache-Control: max-age=338704,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947d02198a7b511-OSL
widget.poste.it/fonts/Texta-Black.woff
62.241.5.94200 OK 33 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Black.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 33140, version 1.0\012- data
Hash bb38c2004fb8284b41ab208428f57e57
eede479ce3535e6dd33934e677de0b7224ce31c4
3d4a9402bef6028217f3f4279e7f6c4bb9af9bfce7786eac52d3a5d0065a27af
POST /fonts/Texta-Black.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b.54-234-97-169.cprapid.com
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:36 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "8174-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 33140
Access-Control-Allow-Origin: https://b.54-234-97-169.cprapid.com
Keep-Alive: timeout=278, max=82
Connection: Keep-Alive
Content-Type: application/font-woff
widget.poste.it/fonts/Texta-LightItalic.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-LightItalic.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32084, version 1.0\012- data
Hash 50ff911beaeaea06a186cbe72898ea42
610aa069b2987d6fbbf46c456f177ced1aa49a57
91509bd0e2ed20655b4cbbf585f5587a1a1cc282291dd56d7821881699757971
POST /fonts/Texta-LightItalic.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b.54-234-97-169.cprapid.com
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:36 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7d54-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32084
Access-Control-Allow-Origin: https://b.54-234-97-169.cprapid.com
Keep-Alive: timeout=278, max=92
Connection: Keep-Alive
Content-Type: application/font-woff
cdn.tynt.com/tc.js
172.64.151.83200 OK 6.7 kB IP 172.64.151.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash b9634caacb549d84184a80dc49789266
351eee6585f8f85eea954edfe6555973beb6b1fb
af7a6bf911a73bb07bc458e5a4cb7bb93799ee3910268459bfcb31bfa9fa6e0c
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 01:18:35 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
vary: Accept-Encoding
etag: W/"63bdcce4-4571"
content-encoding: gzip
cf-cache-status: HIT
age: 159139
expires: Wed, 08 Feb 2023 01:18:35 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 7947d022dc0ab4fd-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&t=Accedi%20o%20Registrati
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&t=Accedi%20o%20Registrati
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&t=Accedi%20o%20Registrati HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 05 Feb 2023 01:18:36 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
widget.poste.it/fonts/Texta-Regular.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Regular.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
POST /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b.54-234-97-169.cprapid.com
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:36 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: https://b.54-234-97-169.cprapid.com
Keep-Alive: timeout=278, max=20
Connection: Keep-Alive
Content-Type: application/font-woff
ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 05 Feb 2023 01:18:36 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!it51m5pael&dn=TC&cc=1&r=&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
67.202.105.32200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!it51m5pael&dn=TC&cc=1&r=&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
IP 67.202.105.32:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!it51m5pael&dn=TC&cc=1&r=&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Mon, 06 Feb 2023 01:18:36 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Sun, 05 Feb 2023 01:18:36 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&j=
141.101.120.11200 OK 13 kB URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&j=
IP 141.101.120.11:0
File type ASCII text, with very long lines (2077)
Hash 1657cf490069ee40e16c7d11fd888b0e
9bbcb18fbf4976ef17adf01927443a6e05f311a3
8e6ccd6ca72b241ea1e1fc0433376b191054baaa9282ee8fad37c3dcfb0f0348
GET /i/?l=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 01:18:35 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Sun, 05-Feb-2023 02:41:55 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Sun, 05-Feb-2023 05:18:35 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1675559915; Domain=dtscout.com; Expires=Tue, 16-May-2023 01:18:35 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.434
expires: Sun, 05 Feb 2023 01:18:34 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7%2BDnPYYh6oD%2BzKrw9g3T%2FTzCDZlX9YHHv2My50U2HJwl1YRd%2BvPHkVzBgYA3MTTw14QZNUq70Qm8lOXP3UcGHVoCYVDohfwaWMqBe2Q5W1QNNz3GAwcw6X%2Bemo8rnM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947d01c0d2609a8-ARN
content-encoding: br
X-Firefox-Spdy: h2
widget.poste.it/css/chat_custom.css
62.241.5.94200 OK 1.8 kB URL HTTP/1.1 widget.poste.it/css/chat_custom.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with CRLF line terminators
Hash b5630f2b6ef609755051582891d6f95f
ff9df70fc8ca0653c0fade1e7e062813785d5cec
0c4b8459c2b949886ae64971a9d3f2555b680dd1c1fa36a0b42dbca2a21bd053
GET /css/chat_custom.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:36 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:03 GMT
ETag: "715-5ee8af13170c0"
Accept-Ranges: bytes
Content-Length: 1813
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=19
Connection: Keep-Alive
Content-Type: text/css
widget.poste.it/css/widgets.min.css
62.241.5.94200 OK 118 kB URL HTTP/1.1 widget.poste.it/css/widgets.min.css
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with very long lines (64898), with CRLF line terminators
Size 118 kB (118490 bytes)
Hash 8a02a55585ef2630988a32645ce68be2
00d11de0e5150cf3d35629f2bc52af00bfce4ee0
f0cf34169482d5d1aa31c2910fea9ad33979b7bf52a1202ab83d3de29843d8a3
GET /css/widgets.min.css HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:36 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "1ceda-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 118490
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=81
Connection: Keep-Alive
Content-Type: text/css
widget.poste.it/js/lib/widgets.min.js
62.241.5.94200 OK 839 kB URL HTTP/1.1 widget.poste.it/js/lib/widgets.min.js
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type ASCII text, with very long lines (64898), with CRLF line terminators
Size 839 kB (839332 bytes)
Hash 82374b6c20855319bda55472e83e82b4
9067439be48ff638c5ff5ef790ce12bc08b21414
18fc4c844d845b1c289d1d1d324ff6e7abf51785619c9a60d9e245b2100c256a
GET /js/lib/widgets.min.js HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:36 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "ccea4-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 839332
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=81
Connection: Keep-Alive
Content-Type: application/javascript
ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 05 Feb 2023 01:18:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!it51m5pael&lm=0&ts=1675559954019&dn=TC&iso=0&pu=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 05 Feb 2023 01:18:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
widget.poste.it/img/button_openChat.png
62.241.5.94200 OK 20 kB URL HTTP/1.1 widget.poste.it/img/button_openChat.png
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 7305cd2f12691ddda291fb1b21bd4347
5b3f944fc435c3ad74f138942aaf50ff159cbee0
25fbb9e5014408868cbd5d87ac48192ddddcb3b32ca3cdfb8e3efa0ebba2e251
GET /img/button_openChat.png HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.poste.it/css/chat_custom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:37 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "4e8b-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 20107
Access-Control-Allow-Origin:
Keep-Alive: timeout=278, max=18
Connection: Keep-Alive
Content-Type: image/png
widget.poste.it/fonts/Texta-Regular.woff
62.241.5.94200 OK 32 kB URL HTTP/1.1 widget.poste.it/fonts/Texta-Regular.woff
IP 62.241.5.94:0
ASN #15720 Poste Italiane S.p.A.
File type Web Open Font Format, TrueType, length 32376, version 1.0\012- data
Hash 8d611853ca1853f21ea4d768306f965e
b189a033f6a69180f2f705557021861ee89af975
4563e60af72ef8d0cc8b7c64716d81610d2f6595c7f76c8069b2015a89d623e2
GET /fonts/Texta-Regular.woff HTTP/1.1
Host: widget.poste.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://b.54-234-97-169.cprapid.com
Connection: keep-alive
Referer: https://widget.poste.it/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:18:37 GMT
Server: Apache
Access-Control-Allow-Headers: Cache-Control,Pragma, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since, X-WRKEY, apikey
Last-Modified: Mon, 28 Nov 2022 17:10:02 GMT
ETag: "7e78-5ee8af1222e80"
Accept-Ranges: bytes
Content-Length: 32376
Access-Control-Allow-Origin: https://b.54-234-97-169.cprapid.com
Keep-Alive: timeout=278, max=79
Connection: Keep-Alive
Content-Type: application/font-woff
waust.at/d.js
172.67.71.57200 OK 0 B IP 172.67.71.57:0
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 01:18:33 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:30 GMT
etag: W/"63c04122-3972"
expires: Mon, 06 Feb 2023 00:40:40 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 2273
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdTvor0QAoIKuy6eOVc7N5HY1Gid1KVHaXMMFxgG%2Bg3wRFvghr9eCrhHpYebKSU0k1RVq4Fgg4HiHA9SRLPftoETdzO71jBYhjvCe5nBK6a6hlkFPZ6wMpy%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947d012fdbeb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=b.54-234-97-169.cprapid.com&_ss=4hymz2qks2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=63wr&_cb=_dtspv.c
141.101.120.11200 OK 0 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=b.54-234-97-169.cprapid.com&_ss=4hymz2qks2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=63wr&_cb=_dtspv.c
IP 141.101.120.11:0
GET /pv/?_a=v&_h=b.54-234-97-169.cprapid.com&_ss=4hymz2qks2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=63wr&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Cookie: m=1; oa=1; df=1675559915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 01:18:35 GMT
content-type: application/javascript
x-t: 0.132
x-c: 0
expires: Sun, 05 Feb 2023 01:18:34 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgnYNTtrFV42SmrYKpzlEamgO70hBUGq5i6d2GhuQFn1FdFgl%2BrR%2BOR%2BeAmUFgqrkJ%2BS7KGW4wY%2BRQ%2FHgu1oR3MWK6lCoW%2Fqzu2uuWglUojIg%2BvrFIXyTXYJaMyQHTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947d01d9e0f09a8-ARN
content-encoding: br
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=it51m5pael&t=Accedi%20o%20Registrati&c=d&x=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&y=&a=0&v=27&r=5161
172.67.8.141200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=it51m5pael&t=Accedi%20o%20Registrati&c=d&x=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&y=&a=0&v=27&r=5161
IP 172.67.8.141:0
GET /pingjs/?k=it51m5pael&t=Accedi%20o%20Registrati&c=d&x=https%3A%2F%2Fb.54-234-97-169.cprapid.com%2F&y=&a=0&v=27&r=5161 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.54-234-97-169.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 01:18:35 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7947d0202dd60b31-OSL
X-Firefox-Spdy: h2