Overview

URL gimistudios.com/unicredit/unicredit/carta
IP192.254.185.52
ASNUNIFIEDLAYER-AS-1
Location United States
Report completed2022-10-04 09:00:19 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-03 2 gimistudios.com/unicredit/unicredit/carta UniCredit Bank
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/ Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/UniCredit-Regular.otf Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.woff2 Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/UniCredit-Bold.otf Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/UniCredit-Medium.otf Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/UniCredit-Light.otf Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.woff2 Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/UniCredit-Bold.otf Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.woff Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.woff Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.ttf Phishing
2022-10-04 2 gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.ttf Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (9)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 35.161.231.36
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 143.204.55.35
mnemonic passive DNS gimistudios.com (22) 0 2019-06-18 16:57:36 UTC 2022-10-04 06:34:52 UTC 192.254.185.52 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-04 03:58:00 UTC 69.16.175.42
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.25


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.254.185.52

Date UQ / IDS / BL URL IP
2022-11-19 01:30:15 +0000
0 - 0 - 1 creativemuraldesigns.com/hqehsc/98099/KTEQ_98 (...) 192.254.185.52
2022-11-19 01:28:18 +0000
1 - 0 - 31 sparq.social/wp-content/.tmb/d656507f61d58078 (...) 192.254.185.52
2022-11-19 01:27:05 +0000
8 - 0 - 6 sparq.social/wp-content/.tmb/d656507f61d58078 (...) 192.254.185.52
2022-11-18 17:52:56 +0000
1 - 0 - 31 sparq.social/wp-content/.tmb/d656507f61d58078 (...) 192.254.185.52
2022-11-18 17:52:53 +0000
10 - 0 - 6 sparq.social/wp-content/.tmb/d656507f61d58078 (...) 192.254.185.52

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Date UQ / IDS / BL URL IP
2022-11-30 04:59:37 +0000
0 - 0 - 2 natanpires.com/koglud/uebumeru/mail/active?ui (...) 50.116.112.104
2022-11-30 04:53:30 +0000
0 - 0 - 2 kernalbio.comlegal.com.au/Yusuf/eXVzdWZAa2Vyb (...) 192.232.216.122
2022-11-30 04:53:28 +0000
0 - 0 - 2 betermix.comlegal.com.au/Sbowling/c2Jvd2xpbmd (...) 192.232.216.122
2022-11-30 04:52:23 +0000
0 - 0 - 1 brendanf.ga/Adresse.zip 162.240.217.49
2022-11-30 04:52:15 +0000
0 - 0 - 1 omrakox.gq/AJBox.zip 162.240.48.131

Last 1 reports on domain: gimistudios.com

Date UQ / IDS / BL URL IP
2022-10-04 09:00:19 +0000
0 - 0 - 14 gimistudios.com/unicredit/unicredit/carta 192.254.185.52

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-07 09:20:21 +0000
0 - 0 - 9 www.condordelcaribe.com/unicredit/ 192.185.3.32
2022-09-23 09:48:41 +0000
0 - 0 - 9 freeflywindstation.com/unicredit/carta/ 108.167.143.215
2022-09-14 10:10:38 +0000
0 - 0 - 10 sardarfeed.com/unicredit/carta 208.91.198.98
2022-09-03 22:31:37 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215
2022-09-01 11:09:09 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215


JavaScript

Executed Scripts (2)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (41)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10834
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 09:00:08 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m-s7-VoDqQFyR-sgicYXSZ4p0qqhcv4PoBAzNL6ibtVg5p2XuGvi9w==
Age: 785


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /unicredit/unicredit/carta HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         192.254.185.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 04 Oct 2022 09:00:08 GMT
Server: Apache
Location: http://gimistudios.com/unicredit/unicredit/carta/
Content-Length: 257
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   257
Md5:    53b434f983c97846ee1475b5a6f7f791
Sha1:   2603abd50d11602db8948da181e0c41214983c0b
Sha256: 4a0bab0f2dc9dac300db5682be13f099dd721666ad2c8b65c0db52da919c5184

Alerts:
  Blocklists:
    - openphish: UniCredit Bank
    - fortinet: Phishing
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SWxmHNumA_emqcxuPSMAz-iyH1srqQ4raQKNLkK4DrwjSNt1BkM2mg==
age: 12702
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 09:00:09 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /unicredit/unicredit/carta/ HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 09:00:09 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=166487400965; expires=Fri, 01-Oct-2032 09:00:09 GMT; Max-Age=315360000 COOKIE_KEY=166487400956; expires=Fri, 01-Oct-2032 09:00:09 GMT; Max-Age=315360000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4041
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1058), with CRLF line terminators
Size:   4041
Md5:    1a373b7629cf6d7ca938c9cb111b5c26
Sha1:   e7368d95eb55f1eb22488ef816deb4deb674d421
Sha256: 56819e64d070b10368d3af9906f14d438ec767e4a008489703e50e4f23f7dde1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jquery-2.2.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimistudios.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:00:09 GMT
content-encoding: gzip
content-length: 29811
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664874009.dop013.sk1.t,1664874009.cds212.sk1.hn,1664874009.cds214.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29811
Md5:    82885772205f23cd59e25a221521b059
Sha1:   96ed36f45544295f28df1ab251e7e38faceeff0e
Sha256: 8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 08:29:33 GMT
Expires: Tue, 04 Oct 2022 09:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lLXqItjttuDsA359ZGgIEO94dZNSwDGwkrzeev1R6h6zBKUJXcM-Fw==
Age: 1836


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4245
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:00:09 GMT
Last-Modified: Tue, 04 Oct 2022 07:49:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JQ4aA/Us83J2f4kmmQD7dw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.161.231.36
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PvOEagWwc+p64Wgr4JtoFf0uo6A=

                                        
                                            GET /unicredit/unicredit/carta/assets/main.4c1b8b4624.css HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 09:00:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   466866
Md5:    6a0f1ebcc7ae8d0d9ecb635fbbe68d65
Sha1:   74b6a40134f1cd63607dcfb090675c6a9481bf1e
Sha256: 98802cfc3623796dcb74be0f1aab505e95aefbd5bdcc471d084da36de80dd219
                                        
                                            GET /unicredit/unicredit/carta/assets/imgs/logo-splash-msite.png HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 7123
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1174 x 285, 8-bit colormap, non-interlaced\012- data
Size:   7123
Md5:    65294bbb5427d8dd82b6001edec003f1
Sha1:   9a389c60ae57ff80fe2542d355709ea5f51d70fc
Sha256: e62e38d3cda262687803f85dcfeb47f8a8960e01a4f493475b95bf0be235481f
                                        
                                            GET /unicredit/unicredit/carta/assets/icon/login/msite/home.png HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2738
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size:   2738
Md5:    093ff98de56ace3c0c9c497446759840
Sha1:   9c5307f15c91ad9fead6234a7105fc55b08397b3
Sha256: 825ff7e698273277b498ff7a2ccdfd6c2db7712e0f6904a30e4d944e5adbb611
                                        
                                            GET /unicredit/unicredit/carta/assets/icon/orientation.png HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 8882
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 302 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   8882
Md5:    2073cded710eb1ff89baf36eac4cbc59
Sha1:   9a4a5185ae47a7630f3dfccdb234e924f044fc19
Sha256: 034e29c302d5a67bb29f401a4b26ece4d920b0891e88337a37919dbd74abbf84
                                        
                                            GET /unicredit/unicredit/carta/assets/imgs/Logo-UniCredit.png HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2879
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 240 x 47, 8-bit colormap, non-interlaced\012- data
Size:   2879
Md5:    6da3b1dadbf4752b21c9976b5b5a0e59
Sha1:   d6222a646ba72ad6a6784ed8e9d26fb93f8f6c86
Sha256: ce2a90b7453d592f36994cf622a4c7a016e6050c5dc115c97127e15f9adb2bab
                                        
                                            GET /unicredit/unicredit/carta/assets/icon/login/msite/locator.png HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2325
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size:   2325
Md5:    50c7809e2e4c323f6a92f5522f9f3348
Sha1:   5b0160b5f22afc8b9d82122793e880f70becd59e
Sha256: 6953f2685dc754d4e2489826d52fbf36a5c8d0aa18fb8c23be70dc2ba5e71402
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/UniCredit-Regular.otf HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: font/otf
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:13:14 GMT
Accept-Ranges: bytes
Content-Length: 63864
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  OpenType font data\012- data
Size:   63864
Md5:    ead58f7ad732335b3efcfcb49baa3982
Sha1:   7d98101c525a65129b0ef6d44913071d35721c18
Sha256: 9cfe221c6d9b096b2b7db501ec58d6ce58b03cd87a8cdda037cd5eb69d634bee

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/msite/footer/info-trasparenza.jpg HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:13:40 GMT
Accept-Ranges: bytes
Content-Length: 17060
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 295 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size:   17060
Md5:    56b5bb79ce602307ebea7cef2eca03ec
Sha1:   61eb31d995e3508006c0c47366fdfd92d6ced384
Sha256: ee937dcede34527a7158666d9ddcd10ea8f23558b285a6b8ca1b0ff6e01c1473
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/roboto-regular.woff2 HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.woff2
Content-Length: 0
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/UniCredit-Bold.otf HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://gimistudios.com/unicredit/unicredit/carta/assets/fonts/UniCredit-Bold.otf
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/UniCredit-Medium.otf HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: font/otf
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:13:00 GMT
Accept-Ranges: bytes
Content-Length: 69416
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  OpenType font data\012- data
Size:   69416
Md5:    e06c0fb36f7080e2014d33df87f8f5d3
Sha1:   61cd7b696e9cdf680a8509cde6d66dd6a819ff8a
Sha256: b3d6fea3cf3db29242671ea9d4f5498b05f82b938ff7e2bc94b2c399c06bdec6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/UniCredit-Light.otf HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 200 OK
Content-Type: font/otf
                                        
Date: Tue, 04 Oct 2022 09:00:10 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:12:54 GMT
Accept-Ranges: bytes
Content-Length: 64444
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  OpenType font data\012- data
Size:   64444
Md5:    2f70f3a7da1eee3afb7f600fc0894f0f
Sha1:   d31c2d6465d4759f6521acfd0d8a0d03e413f350
Sha256: d51aa085e49a4211758b17675299bdf1c65da3a2c7fdd1e4bd9ed1ce78e19a7b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17907
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:00:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17907
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:00:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17907
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:00:11 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:32:19 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
age: 34072
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9855
Md5:    7b7345414898d451d930431b46d4bd00
Sha1:   a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
Sha256: 79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 15440
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 40538
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 40551
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:38:28 GMT
age: 37303
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5083
Md5:    34f2dfb2faff276db1d4a57739db2450
Sha1:   f5ce815082043a4efce28fc790ae7d8b3a8531f8
Sha256: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 40551
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "844B2DFEA88C5BF82335876E3C2DF785DF9E33BE85115A19F58169CC4C8A5A6A"
Last-Modified: Sun, 02 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 15:00:11 GMT
Date: Tue, 04 Oct 2022 09:00:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "844B2DFEA88C5BF82335876E3C2DF785DF9E33BE85115A19F58169CC4C8A5A6A"
Last-Modified: Sun, 02 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17667
Expires: Tue, 04 Oct 2022 13:54:38 GMT
Date: Tue, 04 Oct 2022 09:00:11 GMT
Connection: keep-alive

                                        
                                            GET /unicredit/unicredit/carta/assets/imgs/logo-msite.png HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 09:00:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://gimistudios.com/unicredit/unicredit/carta/assets/imgs/logo-msite.png
Content-Length: 0
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive

                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/roboto-regular.woff2 HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gimistudios.com
Referer: http://gimistudios.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.254.185.52
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gimistudios.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 7590
date: Tue, 04 Oct 2022 09:00:11 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13769), with CRLF, LF line terminators
Size:   7590
Md5:    82472683d4a696589f503c1c7bc40184
Sha1:   fe680761b50c12f2933398ed7c0f4245f423acb9
Sha256: d8f572a0c8e2b7e6c5e659360bff572513e9a64d67840c880bd9abdc11587cd3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/imgs/logo-msite.png HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gimistudios.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.254.185.52
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gimistudios.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 7590
date: Tue, 04 Oct 2022 09:00:11 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13769), with CRLF, LF line terminators
Size:   7590
Md5:    82472683d4a696589f503c1c7bc40184
Sha1:   fe680761b50c12f2933398ed7c0f4245f423acb9
Sha256: d8f572a0c8e2b7e6c5e659360bff572513e9a64d67840c880bd9abdc11587cd3
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/UniCredit-Bold.otf HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gimistudios.com
Referer: http://gimistudios.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.254.185.52
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gimistudios.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 7590
date: Tue, 04 Oct 2022 09:00:11 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13769), with CRLF, LF line terminators
Size:   7590
Md5:    82472683d4a696589f503c1c7bc40184
Sha1:   fe680761b50c12f2933398ed7c0f4245f423acb9
Sha256: d8f572a0c8e2b7e6c5e659360bff572513e9a64d67840c880bd9abdc11587cd3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/roboto-regular.woff HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 09:00:12 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.woff
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/roboto-regular.woff HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gimistudios.com
Referer: http://gimistudios.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.254.185.52
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gimistudios.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 7590
date: Tue, 04 Oct 2022 09:00:12 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13769), with CRLF, LF line terminators
Size:   7590
Md5:    82472683d4a696589f503c1c7bc40184
Sha1:   fe680761b50c12f2933398ed7c0f4245f423acb9
Sha256: d8f572a0c8e2b7e6c5e659360bff572513e9a64d67840c880bd9abdc11587cd3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/roboto-regular.ttf HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimistudios.com/unicredit/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166487400956

                                         
                                         192.254.185.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 09:00:12 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://gimistudios.com/unicredit/unicredit/carta/assets/fonts/roboto-regular.ttf
Content-Length: 0
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/unicredit/carta/assets/fonts/roboto-regular.ttf HTTP/1.1 
Host: gimistudios.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gimistudios.com
Referer: http://gimistudios.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.254.185.52
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gimistudios.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 7590
date: Tue, 04 Oct 2022 09:00:13 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13769), with CRLF, LF line terminators
Size:   7590
Md5:    82472683d4a696589f503c1c7bc40184
Sha1:   fe680761b50c12f2933398ed7c0f4245f423acb9
Sha256: d8f572a0c8e2b7e6c5e659360bff572513e9a64d67840c880bd9abdc11587cd3

Alerts:
  Blocklists:
    - fortinet: Phishing