Report - b2bmarelaspezia.it/er/index.php?qbot.zip

Report Overview

Submitted URL
b2bmarelaspezia.it/er/index.php?qbot.zip
IP
80.88.87.206
ASN
#31034 Aruba S.p.A.
Submitted
2022-11-18 23:48:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.comodoca.com	1696	2012-05-21T09:01:17Z	2023-03-10T14:02:39Z	682 B	2.0 kB	104.18.32.68
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	2.7 kB	43 kB	34.120.237.76
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	376 B	29 kB	31.13.72.12
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	3.2 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.7 kB	5.6 kB	142.250.74.35
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	406 B	1.2 kB	142.250.74.164
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	974 B	18 kB	216.58.207.195
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	849 B	1.5 kB	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
b2bmarelaspezia.it	unknown	2022-11-16T19:57:12Z	2023-03-01T00:25:36Z	943 B	912 B	80.88.87.206
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.215.56.181
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-10T12:47:01Z	447 B	164 kB	142.250.74.163
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	607 B	86 kB	31.13.72.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-18	medium	b2bmarelaspezia.it/er/index.php?qbot.zip	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-18	medium	b2bmarelaspezia.it	Sinkholed
2022-11-18	medium	b2bmarelaspezia.it	Sinkholed

JavaScript (43)

	URL	Size	First Seen	Last Seen
	b2bmarelaspezia.it/er/?qbot.zip	444 B	2023-03-11	2023-03-13
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-13 19:06:50 Times Seen1 Hash 56ecc6860cecb31be7b10fc7d357df6e 5bb5d240ba3433a4d023cf80d8db25ade82fd813 297794e10e67b6955a37e77d306b5cd85e10440955701c9668c417a85f5376dc Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/toastr.min.js?ver=81582bdb254a94e4464424087c6479a8	3.7 kB	2023-03-09	2024-01-19
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/toastr.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2024-01-19 03:11:34 Times Seen26 Hash d96f460350fd7beb5e2ecf934897a695 92e9a9619795218f99ed233e5228641d12dff2f0 79658778157c03a8e7a481ae4a1e6ef6c649ec6a14ebd0a446c2e235726936ef Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/counter.js?ver=81582bdb254a94e4464424087c6479a8	3.1 kB	2023-03-08	2024-01-27
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/counter.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:25 Last Seen2024-01-27 07:42:14 Times Seen44 Hash 556d5225c369519acb1443b477b9cc1d 9276c1047b537222fbb909b3268d89e36a84c0be 5174d3ca5c19ea76ad812399db86f0c92e7c9aec04e65c69aa8dd60bf4338c4c Loading...

	b2bmarelaspezia.it/er/?qbot.zip	2.2 kB	2023-03-11	2023-03-11
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-11 14:15:44 Times Seen1 Hash 9db38f0f7d907ff367d1b547c7177831 cad731ded95043a04b29e334dfb22e325b01109a e7f1880b9c0c1f55d57a1f376eddcf15f5c2321e36eb005de62236d1f98c95db Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/isotope.js?ver=81582bdb254a94e4464424087c6479a8	36 kB	2023-03-07	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/isotope.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2024-04-19 17:27:26 Times Seen1659 Hash 5fb7c19c9c51cfb99f5ff942629f0f21 14c7f59e73d2a99aa688c2443a9a9b24acbff43c a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc Loading...

	b2bmarelaspezia.it/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.2.9	140 kB	2023-03-07	2024-04-04
Pretty URL b2bmarelaspezia.it/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.2.9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:29:50 Last Seen2024-04-04 18:20:10 Times Seen346 Hash c6f53af9fcf3eec125d61c2211b2e49c 6adbac2da222bfa043117bc43ba61965632b9056 7c77990bc88d4b4834ee62a3ceb8da90c2e24be3d1b44209b6404d1865b99217 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/youtube-popup-jquery.js?ver=81582bdb254a94e4464424087c6479a8	1.8 kB	2023-03-09	2023-05-22
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/youtube-popup-jquery.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-05-22 17:54:49 Times Seen2 Hash 3536b4d877a180805328aa054aa3ed58 56c4482a189702180f41871efc3bce7fd40b3cc6 3c63b96257a41d6d00236142f825f1b0498bf1b76a2ebe65835c4ed242eba4aa Loading...

	b2bmarelaspezia.it/er/?qbot.zip	1.7 kB	2023-03-11	2023-03-11
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-11 14:15:44 Times Seen1 Hash 3b69adf1141b7e49355d0e141a9edf9e 2d32bdedb2cfc09f0abf28263fcd799c1fc4d7f2 2a25cba502750e880a20e16a58c952ceaae9e810d6715de1ac697e8ae78d800f Loading...

	b2bmarelaspezia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:21 Times Seen68500 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/owl.carousel.min.js?ver=81582bdb254a94e4464424087c6479a8	44 kB	2023-03-07	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/owl.carousel.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:30 Last Seen2024-04-19 12:02:34 Times Seen3835 Hash 47c357c05cb99cedbac2874840319818 d8b05365de4b760618328fdeef7672e8374978e4 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029 Loading...

	b2bmarelaspezia.it/wp-content/plugins/cf7-multi-step/assets/frontend/js/cf7mls.js?ver=2.7.3	19 kB	2023-03-10	2023-10-20
Pretty URL b2bmarelaspezia.it/wp-content/plugins/cf7-multi-step/assets/frontend/js/cf7mls.js?ver=2.7.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:16:37 Last Seen2023-10-20 01:39:09 Times Seen28 Hash 0ab6b2afe14fe5ef8ae5f1f870eb0ae7 ff522f2984b90df841e45b7b044ed1168496761c 28e73684dc8c5d8d3691372a44b2fb5f6027bdc6cff5f4ac9aca48dc63956cfb Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/jquery.richtext.min.js?ver=81582bdb254a94e4464424087c6479a8	36 kB	2023-03-09	2023-11-21
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/jquery.richtext.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-11-21 05:40:38 Times Seen9 Hash e03f1a08818d7632597211f6d676b4dd 17da8f6e2eb5c806c2144bbe1d609bca0f6cbc31 27fa590547947ca73f573c0cf27d8f1020b98f34239f1dedb3a4c196e7464ad2 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/sbmenu.js?ver=81582bdb254a94e4464424087c6479a8	6.7 kB	2023-03-09	2023-09-07
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/sbmenu.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-09-07 08:32:48 Times Seen4 Hash e114dd70542012a93817be965229d4b9 ead45294bdcadee790cf6bb8cb017943830a350d d69dc55e21fdd5e0d2ebed8f42f68cb25e0b972e6b8cda18c6a5e873248ac584 Loading...

	b2bmarelaspezia.it/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-04-18
Pretty URL b2bmarelaspezia.it/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-18 13:42:00 Times Seen30936 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/smoke.min.js?ver=81582bdb254a94e4464424087c6479a8	18 kB	2023-03-09	2023-05-22
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/smoke.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-05-22 17:54:49 Times Seen3 Hash def7cb6531c234f43cc7962c6e67dfc2 5c152b1c97c15bad621fc64e994e46e759e13f70 dcd3a985d655a24cae796962c48295dd5b5fdf1c74ed82c248e63145cd6d3c20 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/jquery.flexslider.js?ver=81582bdb254a94e4464424087c6479a8	23 kB	2023-03-09	2023-05-22
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/jquery.flexslider.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-05-22 17:54:50 Times Seen3 Hash 3e06f40ef23d92c9ae9f91aeb68f2687 6971d9eb51386301c7b5ba1fe19aa25959bdace1 ad30f14b16d839aa85169f395a05a091cd1f20dca154f40cc4d27fdda4f5c6f2 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/chart.min.js?ver=81582bdb254a94e4464424087c6479a8	173 kB	2023-03-07	2024-03-27
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/chart.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2024-03-27 09:48:49 Times Seen327 Hash b5c2301eb15826bf38c9bdcaa3bbe786 2a9dbc047084b139fd7bee26c1c14b8d1abc8952 478a6a70e615f25b7bb27c4c40efc749b5421513cc76b84014c1febebf608982 Loading...

	b2bmarelaspezia.it/er/?qbot.zip	111 B	2023-03-11	2023-03-13
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-13 19:06:50 Times Seen1 Hash 16fc8e3a4f8341982a6226abdddd7d6d 97ef6568a12100da059d6640b8e4371d5aa87fd4 d7bac9d6ab7b050251bb8c8396b1f73e0736e8676e9f1eabf384dc1d3fc5c4e4 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/custom-script.js?ver=81582bdb254a94e4464424087c6479a8	58 kB	2023-03-09	2023-03-13
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/custom-script.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-03-13 19:06:50 Times Seen1 Hash de0c1956fd317bfe51d1c86cf87fa95f 733cd21dd357d29be0fa73158696e91f9dfff88a 3c5580be48b841a0384a61f1580109b62013c80291e6b3ee9ca617cd019f8d82 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/stats.js?ver=81582bdb254a94e4464424087c6479a8	711 B	2023-03-09	2023-05-22
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/stats.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-05-22 17:54:49 Times Seen2 Hash 57762f53a7b83896baa158c0d189d469 59fece2325844fe03274f9f70ce85650bddf7888 6ffa0d8ba8b11f127e7480e97e1412e5aab2e58ab871e9cc75a6a4f4e4730377 Loading...

	b2bmarelaspezia.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 20:39:51 Times Seen31782 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	b2bmarelaspezia.it/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 20:39:51 Times Seen9798 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/protip.min.js?ver=81582bdb254a94e4464424087c6479a8	34 kB	2023-03-09	2023-10-14
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/protip.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-10-14 13:12:45 Times Seen7 Hash f1cf1ea3c92fe6c30674bb58ec5669e5 a6a4ef8ede749898280b7748fa6dfeab713f4d25 6d901b61ab353523b5af79d9f105647e0cd66622008f294192d63a7cb4f4b02f Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/jquery.waypoints.min.js?ver=81582bdb254a94e4464424087c6479a8	9.0 kB	2023-03-07	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/jquery.waypoints.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-19 22:53:37 Times Seen4745 Hash 7d05f92297dede9ecfe3706efb95677a 56bdb149d9baf64474a4c24ae66445769a28254e 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c Loading...

	b2bmarelaspezia.it/er/?qbot.zip	263 B	2023-03-11	2023-03-13
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-13 19:06:50 Times Seen1 Hash f9a19ac235610c06ef821ceed73cfdfb 79eecdb65ee33d074c308100d2b526364f6b84b1 850fab9fa27113a0e956ac557f7656c53e20b0f53eb1d5ede8bbd8ddaa190e67 Loading...

	b2bmarelaspezia.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2	3.4 kB	2023-03-08	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:31 Last Seen2024-04-19 22:53:16 Times Seen10108 Hash c4a1336d5abc0f160d866481f99b1717 4498359374276a34a59ab798d667da38fd17a439 809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/rating.js?ver=81582bdb254a94e4464424087c6479a8	2.7 kB	2023-03-09	2023-05-22
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/rating.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-05-22 17:54:49 Times Seen2 Hash d92e51a2fcea9b1a09c010e4708cfd25 6037cdbe328b0f52319f8ad459a113c573cc874b a2a98eb4b12a1cbf42d9033b54f4d4037c5fbc6960cdaf3735f5093f917a4ac5 Loading...

	b2bmarelaspezia.it/er/?qbot.zip	127 B	2023-03-11	2023-03-13
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-13 19:06:50 Times Seen1 Hash 7106880f3daf262f008f3778e77cdc6b 3f9156521a7f7a4f0b47ade35dfe1daa0abddcc5 fd147500cd11c57ef937777a7444950ccdb71a698283d3324dfaaf9b314b77e0 Loading...

	b2bmarelaspezia.it/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	12 kB	2023-03-08	2024-04-18
Pretty URL b2bmarelaspezia.it/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-18 12:23:25 Times Seen3477 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	b2bmarelaspezia.it/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1	8.1 kB	2023-03-07	2024-04-18
Pretty URL b2bmarelaspezia.it/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:33 Last Seen2024-04-18 16:41:58 Times Seen2788 Hash e3317d55ad904d30ea400a2da2a56686 b998595f2c96f76ba65a808ac4029d66021195b4 ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/select2.full.min.js?ver=81582bdb254a94e4464424087c6479a8	71 kB	2023-03-09	2023-05-22
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/select2.full.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:09:30 Last Seen2023-05-22 17:54:49 Times Seen3 Hash 6fffa03ad7863d3aae02885a841f33f7 d6d871ec21bd9a60c7e86330d538e7e3d9d41993 39e3e3a61dcb73bee35dc7c4eb7b804612524f4b83083d59450cc30a82a52a49 Loading...

	b2bmarelaspezia.it/wp-content/themes/exertio/js/bootstrap.bundle.min.js?ver=81582bdb254a94e4464424087c6479a8	81 kB	2023-03-07	2024-04-17
Pretty URL b2bmarelaspezia.it/wp-content/themes/exertio/js/bootstrap.bundle.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-04-17 19:57:08 Times Seen474 Hash a3b0a9f767ac0014b919593207a08b27 cd42a3722f0d90bfed00cb2e9be372b07aa8562f 886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 02:57:11 Times Seen36969314 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	connect.facebook.net/signals/config/592251841372035?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/592251841372035?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-11 14:15:44 Times Seen1 Hash 1d8073b969d0d5f5ba4b9ca2b6644a9f 07864950e19d9915e5faa3213c91226d91eb2df3 2ca145d7560825d67041680ee91a69abcca5d02c118669b2bcef0fcd8dc6cfbb Loading...

	b2bmarelaspezia.it/wp-content/uploads/matomo/matomo.js	66 kB	2023-03-08	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-content/uploads/matomo/matomo.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:51:14 Last Seen2024-04-19 12:36:21 Times Seen8049 Hash a3a7245d6daf7d31d2069c0ba05879dd ec1bf464889e71aec1ced6d8361a26c76e4a1460 d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Loading...

	b2bmarelaspezia.it/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-04-18
Pretty URL b2bmarelaspezia.it/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-18 12:23:23 Times Seen3132 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	b2bmarelaspezia.it/wp-includes/js/masonry.min.js?ver=4.2.2	24 kB	2023-03-07	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-includes/js/masonry.min.js?ver=4.2.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-19 23:26:48 Times Seen15206 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	b2bmarelaspezia.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.2	26 kB	2023-03-08	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-19 20:39:51 Times Seen1057 Hash 72cfca7098dcd0b02f7a293a19b344e0 7423dddaf11edf79f88e988b05461af2f7d73b7d 59848acc8f86a05b6983df9f54056ec156e969186ac5ac2b723b57303143bc7b Loading...

	b2bmarelaspezia.it/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8	19 kB	2023-03-07	2024-04-19
Pretty URL b2bmarelaspezia.it/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 20:39:52 Times Seen37996 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	b2bmarelaspezia.it/er/?qbot.zip	502 B	2023-03-11	2023-03-13
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:44 Last Seen2023-03-13 19:06:50 Times Seen1 Hash b3c4e8de10f41dfeb16bda28a372fdcf 834ce30493aa6fdc49e361f12a61bcd75115bc89 acd1bc4468c144a97cef36a5adff4ed017324e981cb3287039ff23f63bfc6c2e Loading...

	b2bmarelaspezia.it/er/?qbot.zip	132 B	2023-03-11	2023-03-13
Pretty URL b2bmarelaspezia.it/er/?qbot.zip IP 80.88.87.206 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:15:45 Last Seen2023-03-13 19:06:50 Times Seen1 Hash 84b4587cad4babfda136be815129c52e 718a54e2166c56672238447300adcb14f4f72487 0879a40f052f86a3df624e9125265af676358fc0e634369e614fd5ca19dce79a Loading...

	www.google.com/recaptcha/api.js?ver=81582bdb254a94e4464424087c6479a8	850 B	2023-03-08	2023-03-17
Pretty URL www.google.com/recaptcha/api.js?ver=81582bdb254a94e4464424087c6479a8 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash a6d9f11246866ef6247a51ae9116cf53 1ba0ec4e57dd5d3845edb729fea44e6f709c7aca 60eac53947f6a289ca775891e56b3a4a1084cb8763fe2bf4220b759a58761f1d Loading...

HTTP Transactions (40)

URL IP Response Size

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: max-age=131126
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:10 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:13:36 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6109
Expires: Sat, 19 Nov 2022 01:29:59 GMT
Date: Fri, 18 Nov 2022 23:48:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4044
Expires: Sat, 19 Nov 2022 00:55:34 GMT
Date: Fri, 18 Nov 2022 23:48:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 23:45:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 186
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 3naWLlStVv/vDW+DEIvjBxASmkDnj5KiVZch57Icn+Uv0n8SsNyRGM09G6RciPSFLqbo5p0ayvY=
x-amz-request-id: 74P6T3GYSTNHTQ2P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 22:53:06 GMT
age: 3304
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.comodoca.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f2a8e833ba1310be3fd9206370621a8
1e3bfeeda126fb5d7850394881ac05b119dd12e6
02571a0dd7cfd0498afbc4cbcc6ee3577bf2670c5bab17ff8f340e90a2994d5a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 23:48:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 23:28:44 GMT
Expires: Fri, 25 Nov 2022 23:28:43 GMT
Etag: "1e3bfeeda126fb5d7850394881ac05b119dd12e6"
Cache-Control: max-age=603032,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76c4986bf8fbb515-OSL

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 23:48:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 23:44:49 GMT
cache-control: public,max-age=3600
age: 201
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6223
Cache-Control: max-age=126149
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:10 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 10:50:39 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

b2bmarelaspezia.it/er/index.php?qbot.zip

80.88.87.206

301 Moved Permanently

0 B

URL HTTP/2
b2bmarelaspezia.it/er/index.php?qbot.zip
IP
80.88.87.206:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /er/index.php?qbot.zip HTTP/1.1
Host: b2bmarelaspezia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://b2bmarelaspezia.it/er/?qbot.zip
content-length: 0
date: Fri, 18 Nov 2022 23:48:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.comodoca.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f2a8e833ba1310be3fd9206370621a8
1e3bfeeda126fb5d7850394881ac05b119dd12e6
02571a0dd7cfd0498afbc4cbcc6ee3577bf2670c5bab17ff8f340e90a2994d5a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 23:48:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 23:28:44 GMT
Expires: Fri, 25 Nov 2022 23:28:43 GMT
Etag: "1e3bfeeda126fb5d7850394881ac05b119dd12e6"
Cache-Control: max-age=603032,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76c498716f14b515-OSL

push.services.mozilla.com/

34.215.56.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.56.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H09C1teAxrk8BXojUvRElQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0NfFiXpSL+uf5QBbdGlEZ0jqgjk=

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?ver=81582bdb254a94e4464424087c6479a8

142.250.74.164

200 OK

553 B

URL HTTP/2
www.google.com/recaptcha/api.js?ver=81582bdb254a94e4464424087c6479a8
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
553 B (553 bytes)
Hash
1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038

HTTP Headers

GET /recaptcha/api.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2bmarelaspezia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 18 Nov 2022 23:48:12 GMT
date: Fri, 18 Nov 2022 23:48:12 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c15be7bf1c6987951ddd348d6f6b4db1
9faac1fb81abc8fce6d4ae81777c76b8bc11e9b0
7f1d01e3fc0b69e331fd30326ea8fd9b1e3e06a0a93ae4768e7addd03a121025

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://b2bmarelaspezia.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:48:50 GMT
expires: Thu, 16 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 179962
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.195

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://b2bmarelaspezia.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:32:10 GMT
expires: Thu, 16 Nov 2023 08:32:10 GMT
cache-control: public, max-age=31536000
age: 227762
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
42a5ddbe8f6f5abe924fc9060d630e3b
8f3f1cf4e9d6ba3176b25c2caf9ea958d1694d0a
b426d43bef89fa91dada624d5334111b77f284f1c4a49af081814e00106410a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5943
Cache-Control: max-age=169797
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Etag: "6377f6ca-1d7"
Expires: Sun, 20 Nov 2022 22:58:09 GMT
Last-Modified: Fri, 18 Nov 2022 21:19:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Sat, 19 Nov 2022 02:07:00 GMT
Date: Fri, 18 Nov 2022 23:48:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Sat, 19 Nov 2022 02:07:00 GMT
Date: Fri, 18 Nov 2022 23:48:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Sat, 19 Nov 2022 02:07:00 GMT
Date: Fri, 18 Nov 2022 23:48:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Sat, 19 Nov 2022 02:07:00 GMT
Date: Fri, 18 Nov 2022 23:48:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ca5d00-3117-40f2-90e5-4ca95505ab2d.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ca5d00-3117-40f2-90e5-4ca95505ab2d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9745 bytes)
Hash
dfd1ad982b5a23711e8d302e226498c5
3dc5b12aca861b5a1a74bb606afdf29a7cfabfb6
0a2bc926b1afe092d21894615c576d4f8178dc37877b9b712dbe3d2d72351c8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ca5d00-3117-40f2-90e5-4ca95505ab2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9745
x-amzn-requestid: a516b773-5122-4c77-a288-864cc9146cc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ6STH5aoAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d70db-0aea66e27e3ceabd4bff12bc;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:44:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oKF_EUV9e-E3eHWMA_ZCYspSYnZG7lnfs6Hu0WFbiPM6Y4KMS_JTuw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:55:07 GMT
age: 6785
etag: "3dc5b12aca861b5a1a74bb606afdf29a7cfabfb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b2bmarelaspezia.it
Connection: keep-alive
Referer: https://b2bmarelaspezia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 15:30:33 GMT
expires: Fri, 17 Nov 2023 15:30:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 116259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7589 bytes)
Hash
06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G_b9L1-WBsD1eh58iF6Cwh8ij3yZVOei6oIUjwdoKQzHLayBLJdv0A==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 16:26:42 GMT
age: 26490
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7754 bytes)
Hash
8cf981b1ea47b981c73aa1f291be4d8a
d18b869e1940841e9b03f66f5608e381f1727b37
3352a04b9596b594aeb5de3dc70047196a830e3ca79babf7c1b72ff1103b2d26

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7754
x-amzn-requestid: 2c21447c-03bb-4e50-9eeb-a8ae86c0d204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRmFuiIAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa70-7a7e65fc5d443a1d70feb62b;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MFN-Yhp70fPLS4R_tVxEvzt-YQ7COwXaXrmifEfXfpiC0epJHSJq7w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 7907
etag: "d18b869e1940841e9b03f66f5608e381f1727b37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2322028-23d3-484c-804a-5b251de1f7ec.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4929 bytes)
Hash
d6ec86b5af6fbe10dd5b3e48d5524374
dbb6eab95c500e223998f34ec0ccffceaf76898f
4dd5976de4c8ad965129132d8eea940e4af9f2142c68dfe2ca3687ad2e55e529

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2322028-23d3-484c-804a-5b251de1f7ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4929
x-amzn-requestid: fefd5676-19dc-4459-b745-812407eac732
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr9bFfhIAMFpdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d22-040efd6f1b7397911cdb5aab;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: aqxEDGH05okuYqEEHltirZtY6Ku_qsxVaHwR3BnLlKEcaX-uJeLF6g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 04:07:52 GMT
age: 70820
etag: "dbb6eab95c500e223998f34ec0ccffceaf76898f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2bmarelaspezia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: OFNwOnEgi2fLUCLvxuqIme8GLJiIc1AH5Ait8BLOi6/Cy7m4+JkMimKVgTwbuePgiUzoQ+Jd5C+Bux1jJW7vhA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 23:48:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53a83e17-462d-4d4f-8f42-f44460fc79a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7445 bytes)
Hash
50a8727077dd86072a07bd2077c252a8
0e2df523714ca147a69465f3ad4867a33314acb2
9fd12b1e80aa231ffd709c05edda762a4c63d0c70010fb62efdf21c73e657459

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53a83e17-462d-4d4f-8f42-f44460fc79a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7445
x-amzn-requestid: 10c0e6f1-9264-49a0-93b1-16f291edb643
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bu9_nGVwIAMFlKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375dd30-42e9fc0207225de072a699c6;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 07:05:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qCvIW2IsCq9sLUWmSTXQOrBC61C1rL7qmSoTn1IHuaXrOzg-bM9NJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:41:15 GMT
age: 58017
etag: "0e2df523714ca147a69465f3ad4867a33314acb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
42a5ddbe8f6f5abe924fc9060d630e3b
8f3f1cf4e9d6ba3176b25c2caf9ea958d1694d0a
b426d43bef89fa91dada624d5334111b77f284f1c4a49af081814e00106410a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5943
Cache-Control: max-age=169797
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 23:48:12 GMT
Etag: "6377f6ca-1d7"
Expires: Sun, 20 Nov 2022 22:58:09 GMT
Last-Modified: Fri, 18 Nov 2022 21:19:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www.facebook.com/tr/?id=592251841372035&ev=PageView&dl=https%3A%2F%2Fb2bmarelaspezia.it%2Fer%2F%3Fqbot.zip&rl=&if=false&ts=1668815290713&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668815290712.942872980&it=1668815290549&coo=false&rqm=GET

31.13.72.36

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=592251841372035&ev=PageView&dl=https%3A%2F%2Fb2bmarelaspezia.it%2Fer%2F%3Fqbot.zip&rl=&if=false&ts=1668815290713&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668815290712.942872980&it=1668815290549&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (86042 bytes)
Hash
9964c80a10d223548ad487ddbcdac23f
d34351381828fa5babefeae1cc21f2f1fbf4e1a9
c2f6be981f1e1a5e510cedb2c15ce92707e63d0e6f84ff17812574207eedf0f4

HTTP Headers

GET /tr/?id=592251841372035&ev=PageView&dl=https%3A%2F%2Fb2bmarelaspezia.it%2Fer%2F%3Fqbot.zip&rl=&if=false&ts=1668815290713&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668815290712.942872980&it=1668815290549&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2bmarelaspezia.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Nov 2022 23:48:12 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins:400,500,600&subset=latin,latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:400,500,600&subset=latin,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins:400,500,600&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2bmarelaspezia.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 23:48:12 GMT
date: Fri, 18 Nov 2022 23:48:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

b2bmarelaspezia.it/er/?qbot.zip

80.88.87.206

404 Not Found

0 B

URL HTTP/2
b2bmarelaspezia.it/er/?qbot.zip
IP
80.88.87.206:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /er/?qbot.zip HTTP/1.1
Host: b2bmarelaspezia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://b2bmarelaspezia.it/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 23:48:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins:500&display=swap&ver=1668769814

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:500&display=swap&ver=1668769814
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins:500&display=swap&ver=1668769814 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2bmarelaspezia.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 23:48:12 GMT
date: Fri, 18 Nov 2022 23:48:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations