Report - fiumicinobus.com/

Report Overview

Submitted URL
fiumicinobus.com/
IP
185.136.89.218
ASN
#12338 Euskaltel S.A.
Submitted
2022-11-25 04:17:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.35
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	1.7 kB	143.204.55.105
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	770 B	115 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	45 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	69 kB	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.227.80
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	9.0 kB	104.17.25.14
www.fiumicinobus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	2.1 kB	185.136.89.218
fiumicinobus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	42 kB	1.6 MB	185.136.89.218
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	3.1 kB	151.101.85.229
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	510 B	129 kB	216.58.207.195
stats.busbeauvaisparis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	821 B	226 B	185.136.89.218
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	72 kB	54.230.111.8
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	54.230.245.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	fiumicinobus.com/	Phishing
2022-11-25	medium	fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js	Phishing
2022-11-25	medium	fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js	Phishing
2022-11-25	medium	www.fiumicinobus.com/img/es.svg	Phishing
2022-11-25	medium	www.fiumicinobus.com/img/gb.svg	Phishing
2022-11-25	medium	fiumicinobus.com/js/app.js	Phishing
2022-11-25	medium	www.fiumicinobus.com/img/it.svg	Phishing
2022-11-25	medium	www.fiumicinobus.com/img/pt.svg	Phishing
2022-11-25	medium	www.fiumicinobus.com/img/pl.svg	Phishing
2022-11-25	medium	fiumicinobus.com/img/gb.svg	Phishing
2022-11-25	medium	fiumicinobus.com/img/it.svg	Phishing
2022-11-25	medium	fiumicinobus.com/img/es.svg	Phishing
2022-11-25	medium	fiumicinobus.com/img/fr.svg	Phishing
2022-11-25	medium	fiumicinobus.com/img/pt.svg	Phishing
2022-11-25	medium	fiumicinobus.com/img/pl.svg	Phishing
2022-11-25	medium	fiumicinobus.com/images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99	Phishing
2022-11-25	medium	fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js	Phishing
2022-11-25	medium	fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js	Phishing
2022-11-25	medium	fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js	Phishing
2022-11-25	medium	fiumicinobus.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js	15 kB	2023-03-07	2024-04-02
Pretty URL cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:05 Last Seen2024-04-02 10:02:58 Times Seen492 Hash c27796136c1e46aa9b34e4176ed84faa 7f239033b0794ff1f13bbe80a91f4a5d89e200cb dfdf43351c9f229588cb5655d0a984208b88439b011dd2eef4c06d547acdb6df Loading...

	www.googletagmanager.com/gtag/js?id=UA-101106124-2	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-101106124-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:34:22 Last Seen2023-03-11 19:34:22 Times Seen1 Hash 39d8912f43badd7718d0b8be3c63fea5 8b79cd1cd3057bad5e9cab05e970271660121255 3b232805928de84e027a5312c42e343c8685ae85a13f4455e6b8af4f286af3a1 Loading...

	fiumicinobus.com/	508 B	2023-03-07	2024-02-05
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:05 Last Seen2024-02-05 02:51:25 Times Seen64 Hash f58f8ead870e1a303d3a3ae2c2adb570 601822321d2fbd90cb5ec226314b304f4a7c277c 2c7107cf42744be76aa5600891f379acf807c904699475f5f22009153df70d83 Loading...

	fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js	93 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:49 Times Seen5 Hash c7ab1e6c9ec683deb3840ef2f28f8914 74d672c4e7be8781052326b6a9ad1b40a4ec83b2 101e1d598bbf91a40d50cf3383b711ecda626f99b29fdf1daa6ec059f3007faf Loading...

	fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js	16 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 8aaed400d613b3ec9d97d203b54b8a41 1886dae59cc55e646322f5b363934384e60f293a 01638c0c04aff15e0e070f76c3f00c890fec08f05b587e0421b8b51ced0a5c8f Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	fiumicinobus.com/	170 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 8d1f8cc9e17ed51a0a3bb3e8b1af77a9 2a73ef3fa84c83746ab22b7f6e68b3cd4eabe084 428723395262591cc6b65bc9ff1e27e93c42c05042eb9ca357a76a0d789e135c Loading...

	fiumicinobus.com/	23 B	2023-03-07	2024-04-19
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:53 Last Seen2024-04-19 15:17:36 Times Seen194 Hash ff3dd897e61e0f42ae57c565f7d86034 be0d83af8b36cda1c21be1b94b39c75cb14cb428 3e0830fd22515bfd90b1394553b6fb0368f9b541b5b917a4c4deb4f0a91a872d Loading...

	stats.busbeauvaisparis.com/matomo/matomo.js	66 kB	2023-03-08	2024-04-19
Pretty URL stats.busbeauvaisparis.com/matomo/matomo.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:51:14 Last Seen2024-04-19 12:36:21 Times Seen8049 Hash a3a7245d6daf7d31d2069c0ba05879dd ec1bf464889e71aec1ced6d8361a26c76e4a1460 d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Loading...

	fiumicinobus.com/js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js	2.0 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-DIalogs-CovidDialog.629c559d43171b3cec90.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 1af310a6a0f1c3ab3eb6f4bb1778a6f3 72b321768bff3d8120aa88657486074e16695102 605a8c874f09460718e30c7c0efbf1bfd2352fd232087a8908104ab0965d0957 Loading...

	fiumicinobus.com/	23 B	2023-03-07	2024-02-05
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:04 Last Seen2024-02-05 02:51:25 Times Seen70 Hash adf403a4228a8407a94b6ac8c0b57b04 feabe0997a64d7e4938da4a07fbb2bfe82f5ca91 34d24afc8783f61e232e360be2ecda77142049d7f41ecd46ee6701fc261c3606 Loading...

	fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js	3.2 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen4 Hash d1f7f784da0eb2755271934cb0c26bb6 c0ac937bc67438c22995394de43a56c0938fbaad e7a184f4c8f12049cefe02ac46b231dbd11c3144bbcd6407a5ab2fa999578dbe Loading...

	static.hotjar.com/c/hotjar-1721441.js?sv=6	6.7 kB	2023-03-11	2023-03-11
Pretty URL static.hotjar.com/c/hotjar-1721441.js?sv=6 IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:34:22 Last Seen2023-03-11 22:17:01 Times Seen1 Hash e3881b1412b8a8df5518f0252b3ad478 7cdde09bc233dee5f6943a9a81e02feb84282083 5f4ebbba084e6d156f068b067b3133ae435d1b1fa892c9e758574617abd98427 Loading...

	fiumicinobus.com/js/app.js	681 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/app.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen4 Hash 0421c0e8b9ff4ec4157fb1472f3acbc9 a0393310c413262f15e20b09916174c5b2245a88 4f34c29683effc96425620dbdf086567bba112d8caf06c6f69f5b379bcf6efd7 Loading...

	fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js	23 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen4 Hash 40fc1f362dbf62b11077d7b6d3950d5c 06620f03e8914d77a57f639ca34a501313a8dd58 7e4fd290b72302e21eea1024b99b79115d8a222defa6696a63c34554d9476d0d Loading...

	fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js	1.9 kB	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash ea43c773ee7922fd3da57e690a4998e3 91319db81ca37aca63ec18e67fcc011ad05fb910 2c785c879f58f73e33f6074e0347498bceda7b37a8c4a403fee16581d80a8861 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 18:35:29 Times Seen1519 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1	7.3 kB	2023-03-08	2023-03-12
Pretty URL cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1 IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:52 Last Seen2023-03-12 09:43:53 Times Seen1 Hash f1ec2db37e85d68b0dcb5d99548839da b123b4578bacf4869ee10c2b77629628a6b67fc9 4f20141879a5447bbfb6d7ec992df28f25a6c097a916ae323f743dd2ec13be1a Loading...

	www.googletagmanager.com/gtag/js?id=AW-879903643	193 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-879903643 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:34:23 Last Seen2023-03-11 19:34:23 Times Seen1 Hash e24bfa7370b3439924af010b66d03ca9 b092c04b9ff074210b640ac59e470c1a6928dc4e 28538ebb1469ad1fffb5a6c374d32c360b5243d8a529314c26c0129928939fb9 Loading...

	fiumicinobus.com/	209 B	2023-03-07	2024-01-07
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:13 Last Seen2024-01-07 01:37:53 Times Seen10 Hash e0913882578c06552a476e6f3fc40f09 688ab7f7790cbfe4e53961873c1884af33217961 1a7ff9d877694dd45a8bdf5080c7b3eb70ed61d37c696254a8e4663b67a2840a Loading...

	fiumicinobus.com/	524 B	2023-03-07	2023-12-07
Pretty URL fiumicinobus.com/ IP 185.136.89.218 ASN #12338 Euskaltel S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:50 Last Seen2023-12-07 02:05:48 Times Seen3 Hash 13f3b1fbc8acc88e85a235fc3b9514db 419060a65583a11c2b027761f321c6df554b12bd a621811b24cf51daae5b65c4fbc31250a004bfed3a9f95fa344c34db7b72a44e Loading...

HTTP Transactions (86)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Fri, 25 Nov 2022 05:05:08 GMT
Date: Fri, 25 Nov 2022 04:17:17 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6177
Cache-Control: max-age=115011
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:17 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:14:08 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:19:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3495
alt-svc: clear
X-Firefox-Spdy: h2

fiumicinobus.com/

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/1.1
fiumicinobus.com/
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 04:17:16 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://fiumicinobus.com/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9236
Expires: Fri, 25 Nov 2022 06:51:13 GMT
Date: Fri, 25 Nov 2022 04:17:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GbQSV0jg1DdcuFgOfmC50V/x5GvCIRtoTy6NR0TmpldViYl8JX0clyggLEukiX/Qm892lo3v1rE=
x-amz-request-id: FG4W2XGC2BP8WVF1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:40:39 GMT
age: 2198
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 366
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d80278bca5b2609cd3e6c2073fb189d4
58de874a7885394d2298da1aeaaca163d966a971
22bc45ea5c4983d431574aec377b2f296a2e78d686c5c1266c6edf451168cc10

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22BC45EA5C4983D431574AEC377B2F296A2E78D686C5C1266C6EDF451168CC10"
Last-Modified: Fri, 25 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Fri, 25 Nov 2022 10:16:27 GMT
Date: Fri, 25 Nov 2022 04:17:17 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4870
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:17 GMT
Last-Modified: Fri, 25 Nov 2022 02:56:07 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.227.80

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.227.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qEp7QNSUfvKrEBNYZSRI/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dmq/PcEQLaZI//r2pMsgJWU+It4=

cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.css

104.17.25.14

200 OK

3.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.8 kB (3792 bytes)
Hash
c7022a9318bb098c948cb1dd13c23207
ddaa1d7a00991fb28fbef5b7abc5071a3aec6360
432ee441344f4679abbe5741b0ba0d662089f1ad539347506e6d8af5b32f9b49

HTTP Headers

GET /ajax/libs/animate.css/3.7.2/animate.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: text/css; charset=utf-8
content-length: 3792
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-13053"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4352841
expires: Wed, 15 Nov 2023 04:17:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJVJDzuPdDgksfi5esNaaK7%2Bggkcs%2FsAg3QsoZurrj13Otry740lALbFCU9BgR0HNbo%2F1YuMEjWATX3LQ1oxp9C7jRaAhAIXG7APsLNo68cuovAGjS8vmdIREeE0uu7H0WuLyv%2FD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f792e99bcfb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js

104.17.25.14

200 OK

3.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.0 kB (2998 bytes)
Hash
e30f0c9c62a48fa192266bf8c5cb1eae
2bec3bc63d8c333bab464d1c110a24cebb58f9d4
218e8dbd3a5d9ba3eacdc9678e633601a97d6222bc494f3d8da6603eec3e9be2

HTTP Headers

GET /ajax/libs/wow/1.1.2/wow.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2998
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04033-3b8a"
last-modified: Mon, 04 May 2020 16:17:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14793484
expires: Wed, 15 Nov 2023 04:17:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9TCMI%2B5xN6WLMY1b9Oq37jSpzgtX1RQeJ0H5WKYWLmU%2BMcPm9Enpay3WmO4EcvSWvz%2BN2wjT7eRh6yQWLp2OCanwSKfm%2Fgg%2B6AAHCxtd6D3FpYSa0VrH%2BoyQgz1sVOKAldpo%2Ba0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f792e9abd0b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1

151.101.85.229

200 OK

2.3 kB

URL HTTP/2
cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7273), with no line terminators
Size
2.3 kB (2344 bytes)
Hash
ee29d69be664aabdf4477445160714df
b8d812e44035ddebf86f1404288f833b5c2575b7
ee337ac04ce1ccc14cbb5c78dfc18d850a687c8439efe05b5e3d323ff4a3ee93

HTTP Headers

GET /npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.10.1
x-jsd-version-type: version
etag: W/"1c69-sSO0V4us9Iae4Qwrd2KWKKa2f8k"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 04:17:18 GMT
age: 38988
x-served-by: cache-fra-eddf8230077-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2344
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
aa8d632fd2b4d45275d958e5e0573606
b333468224608159895ed534fb52578c12f2a314
2c703c8c7989ec56679e212ea184a325c5a9e39daa89192f03fb07acf1e896d8

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:17:18 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "018A3951B41DEF6AA2ED1611866A7E5A897CA95C"
Expires: Fri, 25 Nov 2022 15:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 950
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f792ea1d17b521-OSL

www.googletagmanager.com/gtag/js?id=UA-101106124-2

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-101106124-2
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43679 bytes)
Hash
56b197cea4cf305f041199ad47f13220
7f34a1d50b46533a9863958b9ada17ec9de3d3ec
3a59f945b56049e50186feabceb4ef8d3a351c260f09c20198c979548d681236

HTTP Headers

GET /gtag/js?id=UA-101106124-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 04:17:18 GMT
expires: Fri, 25 Nov 2022 04:17:18 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-879903643

142.250.74.168

200 OK

70 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-879903643
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5236)
Size
70 kB (69843 bytes)
Hash
f126f89030d3ed05db96b0c22d80b1a4
ce978a5d1986d0e586a7bedf658807b530cf6433
c407b1baf37cf7e8dd7ba40afdc71a5e81d73d54c681e6b3b6958333f2657ca2

HTTP Headers

GET /gtag/js?id=AW-879903643 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 04:17:18 GMT
expires: Fri, 25 Nov 2022 04:17:18 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fiumicinobus.com/css/menu.css

185.136.89.218

200 OK

9.6 kB

URL HTTP/2
fiumicinobus.com/css/menu.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (612)
Size
9.6 kB (9635 bytes)
Hash
27bc7d5408b5f9adeee420bb15cee66d
93a93e38262330bfba4922bdb2901268332800ac
e31cc74f10bb13cf4acc021dc2505227377cb596548f81f0803dcd0d664646d7

HTTP Headers

GET /css/menu.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-222d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/css/base.css

185.136.89.218

200 OK

524 B

URL HTTP/2
fiumicinobus.com/css/base.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text
Size
524 B (524 bytes)
Hash
b96b44e60f6027b3212ab3562bace430
bf587c0a12190395ee7fca4e7d24091585925dd8
fa55c1e125b52e46429faa3bc031299d7549f93cd1231b416a123389d1bc4492

HTTP Headers

GET /css/base.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"6d-5e55507eca41b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/img/logo_sticky_2x.png

185.136.89.218

200 OK

66 kB

URL HTTP/2
fiumicinobus.com/img/logo_sticky_2x.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (66448 bytes)
Hash
5fd10725d1d896cfaf8784640c18ed93
e4a2d52104fb5de2cf871858bca95fdc80cf3292
3dd131c71c0010f72515176ae2d3fbad265d0f7a55e3906395d781fbb51327fe

HTTP Headers

GET /img/logo_sticky_2x.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: image/png
content-length: 66448
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-10390"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/logo.png

185.136.89.218

200 OK

66 kB

URL HTTP/2
fiumicinobus.com/img/logo.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (66448 bytes)
Hash
5fd10725d1d896cfaf8784640c18ed93
e4a2d52104fb5de2cf871858bca95fdc80cf3292
3dd131c71c0010f72515176ae2d3fbad265d0f7a55e3906395d781fbb51327fe

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: image/png
content-length: 66448
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-10390"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/css/animate.min.css

185.136.89.218

200 OK

16 kB

URL HTTP/2
fiumicinobus.com/css/animate.min.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
data
Size
16 kB (15785 bytes)
Hash
5d03825b5a88ddcf6d0458e1069b9259
e34e96eeb9c35d105db0e749028365f200070cba
706976c103922c9cdf0f0a3cda688edd53a96422411ec0e3fd9d5c8d03616649

HTTP Headers

GET /css/animate.min.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-d0bc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74ebf0d837d1a73d37184735e7dc847b
862cb5affa432e8716374acea7b2bc22fca10d71
1dd58246d37eadebb9a946d3061672f5b012edd9fe0e69b9b763c72305db6764

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DD58246D37EADEBB9A946D3061672F5B012EDD9FE0E69B9B763C72305DB6764"
Last-Modified: Thu, 24 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6528
Expires: Fri, 25 Nov 2022 06:06:07 GMT
Date: Fri, 25 Nov 2022 04:17:19 GMT
Connection: keep-alive

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.195

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fiumicinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 20:36:08 GMT
expires: Fri, 24 Nov 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 27671
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js

185.136.89.218

200 OK

4.2 kB

URL HTTP/2
fiumicinobus.com/js/components-Pages-Home.7b625053cd640e81b29b.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
Unicode text, UTF-8 text, with very long lines (22812)
Size
4.2 kB (4164 bytes)
Hash
2fafce35a480bbc901e147774a8e94f0
5843cdade41ff3911c562fbc7a35bc75ae21d54a
fe79b8d901107d0a0dcbe4bc0f9abbcd07398dbf971b1465ddf4ea8568e8669b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-Pages-Home.7b625053cd640e81b29b.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-5973"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js

185.136.89.218

200 OK

1.7 kB

URL HTTP/2
fiumicinobus.com/js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
Unicode text, UTF-8 text, with very long lines (3113)
Size
1.7 kB (1712 bytes)
Hash
6be0918d5d6966755a76b868882c072d
5edfa5d8f238d04ea7dfbb0ac27a7614fdb3caff
232fbdbb7c7609c1a151c87be0aadf4e82ea5bc85a5628ee96538d0dcb218665

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-Widgets-LanguagePicker.fa805e5dc1695e4eafc9.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-c7f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/img/visa.png

185.136.89.218

200 OK

4.4 kB

URL HTTP/2
fiumicinobus.com/img/visa.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 226 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4399 bytes)
Hash
4dc043ece80aef7b007da59aac56460d
0f736cef4bc4e6d3b29a184cee9a8d6f27d4c895
a728125dc850891e7fbb75cbac19d6764eebe7743e78ff9a02b69ca9576a1796

HTTP Headers

GET /img/visa.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/png
content-length: 4399
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-112f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/mastercard.png

185.136.89.218

200 OK

2.2 kB

URL HTTP/2
fiumicinobus.com/img/mastercard.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 50 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2245 bytes)
Hash
fe1fd1c1dabd1b05830de73bf316f276
e5a2bf8fcb22043a1bf0132e052ef1c0bdc3d97d
800b95f62090540c2a6535d39812d626dd520dca38db411db1873beaac97bc28

HTTP Headers

GET /img/mastercard.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/png
content-length: 2245
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-8c5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2580
Expires: Fri, 25 Nov 2022 05:00:19 GMT
Date: Fri, 25 Nov 2022 04:17:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rIKW7gaK37mlbk_TUo63AH9-XDOoF3Z-5mGaeOkzmESFLJ3GHz60lA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:10 GMT
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
age: 24129
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8275 bytes)
Hash
4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uj2zluKZJzwlcymflJicV2rFLgOEYzWuhZsThZPRbCwiNoYxCgbEwg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
age: 24138
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8006 bytes)
Hash
8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 24131
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5211 bytes)
Hash
7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _FkuS0I2--xiqT4sOKa8ACg8BtI97R-bGe2UZ3o91wfqn_WgktspiQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:36:27 GMT
age: 24052
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 75792
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4270 bytes)
Hash
648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NLXTbS53l_c-lByM8Ym4_tfOlgP2lB-F1dYxOSfdeEfBSM41X0Cpug==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
age: 24138
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins&display=swap

142.250.74.10

200 OK

67 kB

URL HTTP/2
fonts.googleapis.com/css?family=Poppins&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
67 kB (66852 bytes)
Hash
4414fbc5cb6eb172bc6402f3c0f39e1a
9d0928c91150b6b390292baf99e8fa08e4350114
cac2c8891f3eb889c14af6f4bdd543196fc1fc9540aa590ec2c737f850d2608b

HTTP Headers

GET /css?family=Poppins&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 04:17:18 GMT
date: Fri, 25 Nov 2022 04:17:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fiumicinobus.com/img/ryanair.jpg

185.136.89.218

200 OK

14 kB

URL HTTP/2
fiumicinobus.com/img/ryanair.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
14 kB (14385 bytes)
Hash
a6822e276e86fab61c3fee23c0cf7b48
594a1621bb23f51569ab3e25d16b210a15396044
c9ee6982de7160e1b1cec7b43e0dd5b4d161609838d35abe0a3674c02435f2fe

HTTP Headers

GET /img/ryanair.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/jpeg
content-length: 14385
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-3831"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/blue-air.jpg

185.136.89.218

200 OK

11 kB

URL HTTP/2
fiumicinobus.com/img/blue-air.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
11 kB (10669 bytes)
Hash
0e56f0d4b72db0184956c1ccb4b8021f
3d33ccaa38b0b060fa42061de3a5b24237988cf0
4a21461655895ee5d7acaad11ac9c18102984314cd3849cda36c64d5be0548f3

HTTP Headers

GET /img/blue-air.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/jpeg
content-length: 10669
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-29ad"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/es.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/es.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/es.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/es.svg
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/gb.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/gb.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gb.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/gb.svg
X-Firefox-Spdy: h2

fiumicinobus.com/js/app.js

185.136.89.218

200 OK

181 kB

URL HTTP/2
fiumicinobus.com/js/app.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
181 kB (180599 bytes)
Hash
6ac896d71bd30a59ac2d09441bc29934
59c312b1add948af6b21dcd716c0575fea2a1eb0
feb2b980b74fb7bfc0c6add512bf71e8e7537433902448002e333831d602c4f5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/app.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-a633f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/it.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/it.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/it.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/it.svg
X-Firefox-Spdy: h2

fiumicinobus.com/img/moldova.jpg

185.136.89.218

200 OK

14 kB

URL HTTP/2
fiumicinobus.com/img/moldova.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
14 kB (13978 bytes)
Hash
7fb0c831db68ae3918e6c7d49ebfe43e
cae18e521af50ebfdec17ac04e33ea3b6e606e68
ddc98bd400bb00fce61348f5dc522e5f3b20c0e1610400d345fe1ac345e6922b

HTTP Headers

GET /img/moldova.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/jpeg
content-length: 13978
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-369a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/pt.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/pt.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pt.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/pt.svg
X-Firefox-Spdy: h2

fiumicinobus.com/img/volotea.jpg

185.136.89.218

200 OK

10 kB

URL HTTP/2
fiumicinobus.com/img/volotea.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
10 kB (10483 bytes)
Hash
c212d15bf772c4c25d413dee90a3093e
55daf7e92e79c34e15734b64dbf0e852995b7ee3
ff9f2038e9f1161d4119907c7e6b94fdbbe9b17d5017defd23fd11c083a84d31

HTTP Headers

GET /img/volotea.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/jpeg
content-length: 10483
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-28f3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/wizz.jpg

185.136.89.218

200 OK

17 kB

URL HTTP/2
fiumicinobus.com/img/wizz.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x389, components 3\012- data
Size
17 kB (16700 bytes)
Hash
647470c8c3a7bd1821c5b5b7a63de688
3a1ff2d2ca31ca83f355d050c4c30f1eea98dcfa
2904400676c65f7da9894e0b9155ac0b4c94d387fcb5e603e8a26bb72d1846ee

HTTP Headers

GET /img/wizz.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/jpeg
content-length: 16700
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-413c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/pl.svg

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/pl.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pl.svg HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/pl.svg
X-Firefox-Spdy: h2

www.fiumicinobus.com/img/ro.png

185.136.89.218

301 Moved Permanently

162 B

URL HTTP/2
www.fiumicinobus.com/img/ro.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /img/ro.png HTTP/1.1
Host: www.fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: text/html
content-length: 162
location: https://fiumicinobus.com/img/ro.png
X-Firefox-Spdy: h2

stats.busbeauvaisparis.com/matomo/matomo.php?action_name=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&idsite=4&rec=1&r=394530&h=4&m=17&s=19&url=https%3A%2F%2Ffiumicinobus.com%2F&_id=a07158685fee9926&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=zTRPLw&pf_net=542&pf_srv=278&pf_tfr=1&pf_dm1=1161&uadata=%7B%7D

185.136.89.218

204 No Content

0 B

URL HTTP/2
stats.busbeauvaisparis.com/matomo/matomo.php?action_name=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&idsite=4&rec=1&r=394530&h=4&m=17&s=19&url=https%3A%2F%2Ffiumicinobus.com%2F&_id=a07158685fee9926&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=zTRPLw&pf_net=542&pf_srv=278&pf_tfr=1&pf_dm1=1161&uadata=%7B%7D
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo/matomo.php?action_name=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&idsite=4&rec=1&r=394530&h=4&m=17&s=19&url=https%3A%2F%2Ffiumicinobus.com%2F&_id=a07158685fee9926&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=zTRPLw&pf_net=542&pf_srv=278&pf_tfr=1&pf_dm1=1161&uadata=%7B%7D HTTP/1.1
Host: stats.busbeauvaisparis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://fiumicinobus.com
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
access-control-allow-origin: https://fiumicinobus.com
access-control-allow-credentials: true
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/home_bg_2.jpg

185.136.89.218

200 OK

65 kB

URL HTTP/2
fiumicinobus.com/img/home_bg_2.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, manufacturer=Canon, model=Canon EOS 550D, xresolution=108, yresolution=116, resolutionunit=2], progressive, precision 8, 1912x610, components 3\012- data
Size
65 kB (64914 bytes)
Hash
435a0f6cdd6542c6128ca2166d0038c1
6fd409a25523a2ddca9ab7f027e2aa4651f6308a
afcb4f5c3739c398693a59aa47241c5b4b61813c20af9dc841a6372ed624a902

HTTP Headers

GET /img/home_bg_2.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/jpeg
content-length: 64914
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-fd92"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/gb.svg

185.136.89.218

200 OK

834 B

URL HTTP/2
fiumicinobus.com/img/gb.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
834 B (834 bytes)
Hash
b518e6a9d34783d12f1d71b014e7abb6
05e325c26f7527f3eeb957ee5f426318f44b5e67
ce93c8a6b974d63998e263f6d25f898fc20580a28464457f2f4463b687e4fe8d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gb.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/svg+xml
content-length: 834
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "342-5e55507ee0f63"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/it.svg

185.136.89.218

200 OK

295 B

URL HTTP/2
fiumicinobus.com/img/it.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
295 B (295 bytes)
Hash
529a7e6acbba61dafee3d7dfa6be0612
8f11f413db0778773570dded673c79c9225c31da
d2c168050fc509adac1163b097b0ed409217560735b27802ae9259587c146562

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/it.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/svg+xml
content-length: 295
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "127-5e55507ee1733"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/es.svg

185.136.89.218

200 OK

93 kB

URL HTTP/2
fiumicinobus.com/img/es.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2367)
Size
93 kB (92574 bytes)
Hash
f5311bf6aafc2459d2696b15aa933570
942a5a37d3455e70ca9b6b3710d3a32b6b137822
50e59681c6b6412498bd9cbfc473abedc713db75c54c538b839db3c394d64499

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/es.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/svg+xml
content-length: 92574
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-1699e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/fr.svg

185.136.89.218

200 OK

295 B

URL HTTP/2
fiumicinobus.com/img/fr.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
295 B (295 bytes)
Hash
9a5dcb2a490e33157ea7335c0a0e5aaa
dd1e77f728abca0e5dffd1dd225e700d205b45f7
30ed2f68dc9a17927643640f48f3d2a858bd041770547035349c6e79713cd84e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/fr.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/svg+xml
content-length: 295
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "127-5e55507ee0f63"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/pt.svg

185.136.89.218

200 OK

8.4 kB

URL HTTP/2
fiumicinobus.com/img/pt.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (606)
Size
8.4 kB (8393 bytes)
Hash
07f887f292303c33cff1f7edfff3bb70
7a75945aa92f7a3dd5aeb0cc01f3f8798d44e2d5
9aab20caed714ee47fc408f017037aea94a649b3ba4d87e2da37870ee31e4f92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pt.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/svg+xml
content-length: 8393
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-20c9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/pl.svg

185.136.89.218

200 OK

225 B

URL HTTP/2
fiumicinobus.com/img/pl.svg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
225 B (225 bytes)
Hash
aa9329e76696c5835da30ce63de55721
80c26923e9b5914e3dd39719660c381ed89ef840
df8ec3d0ac33382e0b276fd1bfafb80b8914b4670f8e5676d9419f8bb5d89419

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/pl.svg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/svg+xml
content-length: 225
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "e1-5e55507ee5d83"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/ro.png

185.136.89.218

200 OK

138 B

URL HTTP/2
fiumicinobus.com/img/ro.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 38 x 25, 8-bit/color RGB, non-interlaced\012- data
Size
138 B (138 bytes)
Hash
c43c3f93a9615869f6cc956dfe817779
cc5d45912b0935587b77e3360c89d1b0c910df2f
765ea57ad7fcf6aabd8da4b1b09a57b3f7faf818e4e8d92c0572703d1d78fb6b

HTTP Headers

GET /img/ro.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiumicinobus.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/png
content-length: 138
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "8a-5e55507ee616b"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/minus.png

185.136.89.218

200 OK

87 B

URL HTTP/2
fiumicinobus.com/img/minus.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 9 x 5, 8-bit/color RGBA, non-interlaced\012- data
Size
87 B (87 bytes)
Hash
2f9434c1015abb6e5e455d7a889c5dca
c2818954963dcdcf142d26174591eb90220a1696
b17b25a25184a8fd56784e859ff137b3842b2b175017a1252b1c8585cbe076b2

HTTP Headers

GET /img/minus.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/png
content-length: 87
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "57-5e55507ee55b3"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/img/plus.png

185.136.89.218

200 OK

92 B

URL HTTP/2
fiumicinobus.com/img/plus.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 8 x 8, 8-bit/color RGBA, non-interlaced\012- data
Size
92 B (92 bytes)
Hash
a0f055915bc97e33c668a31624ea56f7
531e0a16a7d2e017f892b6fb057feb2616bc18a4
b91acd4cbcc0d72d51e797aa2b26eee1510af26bcc0aceefc363552137ec6cd1

HTTP Headers

GET /img/plus.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/png
content-length: 92
x-accel-version: 0.01
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "5c-5e55507ee5d83"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fiumicinobus.com/images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99

185.136.89.218

200 OK

91 kB

URL HTTP/2
fiumicinobus.com/images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2714)
Size
91 kB (90819 bytes)
Hash
50623e6a761b392b5381ce35e8a77f99
ca76a86214554c7540cd3c98d8ceb2d2e22b6238
ab3d438837b7f1c4ebce6980cc9274cd2e6adcc8af9be6f5cfc47ef2c4c464e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/vendor/flag-icon-css/flags/4x3/es.svg?50623e6a761b392b5381ce35e8a77f99 HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/svg+xml
content-length: 90819
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-162c3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/cabecera_rya.jpg

185.136.89.218

200 OK

184 kB

URL HTTP/2
fiumicinobus.com/img/cabecera_rya.jpg
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1900x450, components 3\012- data
Size
184 kB (184439 bytes)
Hash
776398abca037577d5d50676be589f77
0d0e4e11f904771afd5f5fd6998a219ffffac7bc
35d97c2f09b9c68f34c6f226210380f08f5a4a77fdf213df0c8fea6bd47acc90

HTTP Headers

GET /img/cabecera_rya.jpg HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/jpeg
content-length: 184439
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-2d077"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fiumicinobus.com/img/traslado.png

185.136.89.218

200 OK

700 kB

URL HTTP/2
fiumicinobus.com/img/traslado.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
PNG image data, 1440 x 918, 8-bit/color RGB, non-interlaced\012- data
Size
700 kB (699896 bytes)
Hash
a43e9827ef74dff00657371548cabfbb
2d1e171bb8a651acd21692e7fde48f7b0f019150
9de53ff1fb6fc7403fb34fab9eb19139f3d307e5a1f5269c9564f3113ddae89e

HTTP Headers

GET /img/traslado.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: image/png
content-length: 699896
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-aadf8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 02:41:08 GMT
expires: Fri, 25 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 5772
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1721441.js?sv=6

54.230.111.8

200 OK

72 kB

URL HTTP/2
static.hotjar.com/c/hotjar-1721441.js?sv=6
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5909)
Size
72 kB (71548 bytes)
Hash
30765eb5ee4df4b84d5500aaf85b2b5e
6347fbd15e8d6262e58b6bb782dbd8baac56d95e
b3fc70d39aa4ee4aa0fb95552fe8c02f21fdc05b0d0244fae5f5d4e320963738

HTTP Headers

GET /c/hotjar-1721441.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 04:17:20 GMT
cache-control: max-age=60
etag: W/e3881b1412b8a8df5518f0252b3ad478
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fel_mlSs46bKiResGKQUoh7an1TsHRGi4kMIpXgxAyhMk0SZD3kWeg==
age: 25
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=2061459501&t=pageview&_s=1&dl=https%3A%2F%2Ffiumicinobus.com%2F&ul=en-us&de=UTF-8&dt=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=572328427&gjid=1437800525&cid=496723999.1669349840&tid=UA-101106124-2&_gid=1497879193.1669349840&_r=1&gtm=2oub90&z=518383556

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=2061459501&t=pageview&_s=1&dl=https%3A%2F%2Ffiumicinobus.com%2F&ul=en-us&de=UTF-8&dt=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=572328427&gjid=1437800525&cid=496723999.1669349840&tid=UA-101106124-2&_gid=1497879193.1669349840&_r=1&gtm=2oub90&z=518383556
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&a=2061459501&t=pageview&_s=1&dl=https%3A%2F%2Ffiumicinobus.com%2F&ul=en-us&de=UTF-8&dt=Bus%20Fiumicino%20Roma.%20Comprar%20ticket%20Bus%20aeropuerto%20de%20Fiumicino&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=572328427&gjid=1437800525&cid=496723999.1669349840&tid=UA-101106124-2&_gid=1497879193.1669349840&_r=1&gtm=2oub90&z=518383556 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://fiumicinobus.com
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://fiumicinobus.com
date: Fri, 25 Nov 2022 04:17:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.105

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.105:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mK33hGv1-zqASxTcMrcUyFwS9-gl_UQPy7euVGHjFHZilUv-63I5_w==
age: 140834
X-Firefox-Spdy: h2

fiumicinobus.com/img/favicon.ico

185.136.89.218

200 OK

32 kB

URL HTTP/2
fiumicinobus.com/img/favicon.ico
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
470ac769e31783d7e6ff8733d8d5a47d
6c3b510c99afa50b59e1edd0be4b67d13ecf12bd
a72779d89f095b976d583c78372684b1831f7a61378e54dfbd01b6da74b3021e

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:20 GMT
content-type: image/vnd.microsoft.icon
content-length: 32038
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: "62ea643b-7d26"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3f804cecb0f24ba0262c7ffa4be1c486
764b2df067dca86aba28ce6b7fac6b839ae47b65
d56c1086a852225b6edec51561658cf17f6b6eb351242011547ec3a781a25c73

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130460
Date: Fri, 25 Nov 2022 04:17:20 GMT
Etag: "637f8cd6-1d7"
Expires: Sat, 26 Nov 2022 16:31:40 GMT
Last-Modified: Thu, 24 Nov 2022 15:25:10 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: udfnNpL0T7V0FH44GEK4DMWZgZlUUTgI_MTU5bGxcJxWjJRJzie02A==
Age: 3991

fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/vendors~components-Util-Flag~components-Widgets-LanguagePicker.68a8f69e7b8ca791048c.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-16a07"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/js/components-Divs-Card.427a4fc01b3c083137ca.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-Divs-Card.427a4fc01b3c083137ca.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-753"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/css/custom.css

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/css/custom.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/custom.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-131f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/components-BusJourneySelector.9cf88cfa67f6b3f4e416.js HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:19 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-3de4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Gochi+Hand|Lato:300,400|Montserrat:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 04:17:18 GMT
date: Fri, 25 Nov 2022 04:17:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 04:17:18 GMT
date: Fri, 25 Nov 2022 04:17:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fiumicinobus.com/css/app.css

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/css/app.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/app.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-3f8ae"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/css/style.css

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/css/style.css
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/style.css HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/css/base.css
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:18 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 12:04:11 GMT
etag: W/"62ea643b-11ec6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/img/apple-touch-icon-144x144-precomposed.png

185.136.89.218

404 Not Found

0 B

URL HTTP/2
fiumicinobus.com/img/apple-touch-icon-144x144-precomposed.png
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/apple-touch-icon-144x144-precomposed.png HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiumicinobus.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; _pk_id.4.5b3b=a07158685fee9926.1669349839.; _pk_ses.4.5b3b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 25 Nov 2022 04:17:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
cache-control: no-cache, private
content-encoding: br
X-Firefox-Spdy: h2

fiumicinobus.com/

185.136.89.218

200 OK

0 B

URL HTTP/2
fiumicinobus.com/
IP
185.136.89.218:0
ASN
#12338 Euskaltel S.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: fiumicinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:17:17 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImdaWUNla3QySW9kanVhZkNYUEVpR3c9PSIsInZhbHVlIjoidU5NNkl1RzllZGhpZUw1UzRxK1VIaE9BWjdhYmloT3BJVFZlamNla0t3QUYweFNGNzZadWxPVy9Mc0M3Znd0T3VDTTd5QVN5cFFSTlIzbWVoR2dIb1VpTEtQdWIxR3BoajZLd3Z6YVVHSTY4cUFTMEtiSFlJRG16cm9ZVVVTajQiLCJtYWMiOiIxZTBjMmUwNzc0MDA1NDZhYjBjYTk4ZDg2YWE0YTUzMDgyMTZiYzBiYTkxMThkYzI5ODFiOGIxNDljY2E2OTVkIn0%3D; expires=Fri, 25-Nov-2022 06:17:17 GMT; Max-Age=7200; path=/
fiumicinobus_session=eyJpdiI6IlRBSU95WTRZL1ZPVHdDT2hIbmNxK2c9PSIsInZhbHVlIjoidjc1NVFIQm1xaGJOWjUvMUFVZ0xhNzdDS0k1SDJvb3BKdE9nbDBlN1V1Q1IrRzBydnNNOU50S3BCdk1lWHBPOXh2ZU5kSklKc2hrMVMzUXhGZEo5d09Od1BQRHpnS3YzRmFJMjNMalhtUnpZRmNhc1F5b0s5VXF4SFM4UnlGbHgiLCJtYWMiOiIwYjZiMGY4Zjg5ZjYzYjc3ZGJkMzJkNDhkNmZhNTJmMTg1OGQzYzlhMTQyZGQzMzg1M2UyYWFhOWU1MjM1NTUxIn0%3D; expires=Fri, 25-Nov-2022 06:17:17 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations