ofux.xyz Open in urlscan Pro
2606:4700:3030::6815:4320 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Submission: On February 22 via manual (February 22nd 2021, 7:20:55 am UTC) from IT

Summary HTTP 95 Redirects Links 84 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3030::6815:4320, located in United States and belongs to CLOUDFLARENET, US. The main domain is ofux.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 5th 2021. Valid for: a year.

This is the only time ofux.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

	IP Address	AS Autonomous System
53	2606:4700:303... 2606:4700:3030::6815:4320	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	213.134.65.20 213.134.65.20	15515 (UNICREDIT...) (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16)
1	213.134.65.21 213.134.65.21	15515 (UNICREDIT...) (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16)
95	4

53 2606:4700:3030::6815:4320 (United States)

ASN13335 (CLOUDFLARENET, US)

ofux.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 213.134.65.20 (Milan, Italy)

ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT)

content.unicredit.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.134.65.21 (Milan, Italy)

ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT)

ebank.unicredit.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	ofux.xyz ofux.xyz	23 KB
42	unicredit.it content.unicredit.it ebank.unicredit.it	2 MB
95	2

	Domain	Requested by
53	ofux.xyz	ofux.xyz
41	content.unicredit.it	ofux.xyz content.unicredit.it
1	ebank.unicredit.it	ofux.xyz
95	3

This site contains links to these domains. Also see Links.

Domain
www.unicredit.it
shop.unicredit.it
www.unicreditsubitocasa.it
www.facebook.com
plus.google.com
www.linkedin.com
www.youtube.com
twitter.com
www.pinterest.com
www.consob.it
unicreditgroup.eu
www.unicreditgroup.eu
online-retail.unicredit.it
online.unicreditcorporate.it

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.content.unicredit.it Actalis Organization Validated Server CA G3	`2020-09-18` - `2021-09-18`	a year	crt.sh
ebank.unicredit.it Actalis Organization Validated Server CA G3	`2020-10-08` - `2021-10-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Frame ID: 2617F8A9F11AFC5F98A34498335D58FE
Requests: 97 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/etc\/designs\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/etc\/designs\//i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

95
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

2242 kB
Transfer

4468 kB
Size

0
Cookies

84 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unicredit.it/it/privati.html
Title:

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/private.html
Title: Private Banking

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese.html
Title: imprese

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/corporate.html
Title: Corporate Banking

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/settore-pubblico.html
Title: Settore Pubblico

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo.html
Title: Chi Siamo

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/contatti-e-agenzie.html
Title: Contatti e Filiali

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/conti-correnti.html
Title: Conti correnti Conti correnti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/carte.html
Title: Carte Carte

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/prestiti.html
Title: Prestiti Prestiti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/mutui.html
Title: Mutui Mutui

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/investimenti-e-risparmio.html
Title: Investimenti e risparmio Investimenti e risparmio

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/assicurazioni.html
Title: Assicurazioni Assicurazioni

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/internet-e-mobile.html
Title: Internet e Mobile Internet e Mobile

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/investimenti-e-risparmio/tutti-gli-investimenti/unicredit_pir/unicredit_pir.html?intcid=INT-SE00130
Title: Perché le cose fatte a regola d'arte sono quelle che durano nel tempo

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/conti-correnti/tutti-i-conti/conto-modulare/conto-corrente-mygenius-unicredit.html?intcid=INT-SE00145
Title: Prima apro il conto, poi il mio regalo.

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/mutui/tutti-i-mutui/per-la-casa/mutuo-unicredit-tasso-fisso.html?intcid=INT-SE00141
Title: Comprare casa è la mia prossima tappa.

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/prestiti/tutti-i-prestiti/per-le-esigenze-di-tutti-i-giorni/creditexpress-dynamic.html?intcid=INT-SE00135
Title: Cambiare salotto o camera da letto? Entrambi!

Search URL Search Domain Scan URL

URL: https://shop.unicredit.it/it/privati/contoonline/prodotti?intcid=INT-SE00005
Title: Apri un Conto

Search URL Search Domain Scan URL

URL: https://www.unicreditsubitocasa.it/?ucid=ILC-952&intcid=INT-SE00133
Title: Scopri di più

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/investimenti-e-risparmio/consulenza_unicredit.html?intcid=INT-SE00131
Title: Scopri di più

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/assicurazioni/tutte-le-assicurazioni/protezione-auto-e-moto/guida-protetta-auto.html?intcid=INT-SE00132
Title: Scopri di più

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/contatti-e-agenzie/locator.html
Title:

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/contatti-e-agenzie/telefonaci.html
Title:

Search URL Search Domain Scan URL

URL: https://www.unicreditsubitocasa.it/?ucid=ILC-843
Title: UniCredit Subito Casa Società di Intermediazione Immobiliare del Gruppo UniCredit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/unicredititalia

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/+unicredit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/unicredit

Search URL Search Domain Scan URL

URL: https://www.youtube.com/unicreditchannel

Search URL Search Domain Scan URL

URL: https://twitter.com/UniCredit_IT

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/unicredit/

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/trasparenzabancaria.html
Title:

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/dati-societari.html
Title: Dati societari

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/sicurezza.html
Title: Sicurezza

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/reclami-ricorsi-e-conciliazione.html
Title: Reclami, ricorsi e conciliazione

Search URL Search Domain Scan URL

URL: http://www.consob.it/web/area-pubblica/arbitro-per-le-controversie-finanziarie
Title: Arbitro per le controversie finanziarie

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/informativa-cookies.html
Title: Informativa Cookies

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/normativa-mifid.html
Title: Normativa MiFID

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/obbligazioni-pb.html
Title: Obbligazioni - Disclaimer

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/manifestazioni-a-premio.html
Title: Manifestazioni a premio

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/rapporti-dormienti.html
Title: Rapporti dormienti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/sepa.html
Title: SEPA

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/operazioni-di-cartolarizzazione.html
Title: Operazioni di cartolarizzazione

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/certificazione-qualita-tesoreria-enti.html
Title: Certificazione Qualità Tesoreria Enti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/dizionario-finanziario.html
Title: Dizionario Finanziario

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/info/disclaimer.html
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/conti-correnti/tutti-i-conti.html
Title: Conti Correnti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/carte/tutte-le-carte.html
Title: Carte

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/prestiti/tutti-i-prestiti.html
Title: Prestiti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/mutui/tutti-i-mutui.html
Title: Mutui

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/investimenti-e-risparmio/tutti-gli-investimenti.html
Title: Investimenti e Risparmio

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/assicurazioni/tutte-le-assicurazioni.html
Title: Assicurazioni

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/privati/internet-e-mobile/tutti-i-servizi-internet-e-mobile.html
Title: Internet e Mobile

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/private/il-nostro-private-banking/la-nostra-consulenza.html
Title: Il nostro Private Banking

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/private/consulenza-specialistica/la-nostra-consulenza.html
Title: Consulenza Specialistica

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/private/soluzioni-di-investimento/tutte-le-soluzioni-di-investimento.html
Title: Soluzioni di investimento

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/private/soluzioni-assicurative/tutti-i-prodotti-e-servizi.html
Title: Soluzioni assicurative

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/private/soluzioni-bancarie/tutti-i-prodotti-e-servizi.html
Title: Soluzioni bancarie

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese/conti-correnti/tutti-i-conti-correnti.html
Title: Conti Correnti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese/finanziamenti/tutti-i-finanziamenti.html
Title: Finanziamenti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese/incassi-e-pagamenti/tutti-i-prodotti-di-incasso-e-pagamento.html
Title: Incassi e Pagamenti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese/investimenti-e-risparmio/tutte-le-formule-d-investimento.html
Title: Investimenti e Risparmio

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese/gestione-rischi/tutti-i-prodotti-per-la-protezione-della-tua-impresa.html
Title: Gestione Rischi

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese/international/tutti-i-prodotti-per-l-estero.html
Title: International

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/piccole-imprese/internet-e-mobile/tutti-i-servizi-internet-e-mobile.html
Title: Internet e Mobile

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/corporate/perche-unicredit/servizi-offerti.html
Title: Perchè UniCredit

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/corporate/incassi-e-pagamenti/prodotti-di-incasso-e-pagamento.html
Title: Incassi e Pagamenti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/corporate/finanziamenti/prodotti-di-finanziamento.html
Title: Finanziamenti

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/corporate/estero/prodotti-e-servizi-per-l-estero.html
Title: Estero

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/corporate/rischi-e-liquidita/gestione-rischi.html
Title: Rischi e Liquidità

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/corporate/investment-banking/tutti-i-servizi.html
Title: Investment Banking

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/presenza-in-italia.html
Title: Presenza in Italia

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/noi-e-le-imprese.html
Title: Noi e le Imprese

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/noi-e-il-sociale.html
Title: Noi e il sociale

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/sponsorship.html
Title: Sponsorship

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/educazione-finanziaria.html
Title: Educazione finanziaria

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/sostegno-e-solidarieta.html
Title: Sostegno e solidarietà

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/lavora-con-noi.html
Title: Lavora con noi

Search URL Search Domain Scan URL

URL: https://www.unicredit.it/it/chi-siamo/superindice-minisite.html
Title: Superindice

Search URL Search Domain Scan URL

URL: http://unicreditgroup.eu/it/uefa.html?ucid=ILC-IG1087
Title:

Search URL Search Domain Scan URL

URL: https://www.unicreditgroup.eu/
Title:

Search URL Search Domain Scan URL

URL: https://online-retail.unicredit.it/nb/it/SbloccoUtenza.faces
Title: Hai dimenticato i tuoi dati d'accesso (Codice di Adesione e PIN)?

Search URL Search Domain Scan URL

URL: https://online.unicreditcorporate.it/nb/it/uniweb.html
Title: UNIWEB

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request web.php Show response
ofux.xyz/scam/unic/ 98 KB
19 KB 104ms
76ms Document
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae2dd0d0af6f700f6439b9ba45edfd63098c9eae25e5c33ead633eaba38f9a52

Request headers

:method: GET
:authority: ofux.xyz
:scheme: https
:path: /scam/unic/web.php?ip=172.68.10.164
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d71d6fb8f7719ac04e03a312d3ab5335c1613978423; expires=Wed, 24-Mar-21 07:20:23 GMT; path=/; domain=.ofux.xyz; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 086a35697900001f2d47862000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BETnsaf675JlKPxkn28Q6DMtuEU3XGCVdb68aVVg3s4emGbLlfbmB6BiI9UN6Qyg94KjQPb5InYB17oN52WoW4bvSxxC5OUMAKBQ5aHy8VVC34jMPA%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6256f1bbfbac1f2d-FRA
content-encoding: br

GET
H2 404 ld.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 83ms
77ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/ld.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9W5AdWTj4Aa3H26bA3RJSFDm4XKlPyEmQU55YaLMBMRlj%2BsYGadFAZahav92oAjeB7Cz1uHTRaOWmoxSlMRy7y71JkxTIFSIHdRit6yrdaWWsjDD%2Bw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bc7c0d1f2d-FRA
cf-request-id: 086a3569ce00001f2d6f8bc000000001

GET
H/1.1 200
OK main.js Show response
content.unicredit.it/etc/designs/ucpublic/it/clientlibs/ 690 KB
215 KB 270ms
48ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

4c9fd0a58c6260cedd14670e551618e69ebb0b1b4f731fc91a13a7c8bab14fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 01:25:04 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Mon, 22 Feb 2021 15:20:23 GMT

GET
H/1.1 200
OK font-families.css
content.unicredit.it/etc/designs/ucpublic/it/css/ 2 KB
1 KB 198ms
45ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

0b355889ce41dc787839ca9c6c6e6e7e6a7cca98e78c6778de78d9238c82077a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 373
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:02:02 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK font_public.css
content.unicredit.it/etc/designs/ucpublic/it/css/ 38 KB
22 KB 200ms
46ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/font_public.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

7840a0189a3f40d335e47aa8e2c5b6e97a94881fc4e3812e654dcf7fab4a8d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 21522
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:27 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK font_extra.css
content.unicredit.it/etc/designs/ucpublic/it/css/ 47 KB
21 KB 200ms
46ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/font_extra.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

0caa580cfb101af5584b2636965829b0b8be12959bbc186c2a9b4159c0658723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 20831
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:28 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=23
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK font_multicolor.css
content.unicredit.it/etc/designs/ucpublic/it/css/ 22 KB
3 KB 215ms
46ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/font_multicolor.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

84aac2bcdfe16fbbb3366891ce10865af89b1e213387419e7b246931d0cb63ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2341
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:02 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=56
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK font_mono.css
content.unicredit.it/etc/designs/ucpublic/it/css/ 4 KB
2 KB 216ms
47ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/font_mono.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

9a7ac62cc77451f48ba86d34c290f3e9d8d24b1307c4ab65e72729c7e17cdc42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1016
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:02 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=51
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK primefaces.js Show response
content.unicredit.it/etc/designs/gimb/js/foundation/ 482 KB
98 KB 288ms
48ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/foundation/primefaces.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

52704374a2f9953f76f3a435e43bb4bef71ced63d0be8a4f843e374dd76814ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:02 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=44
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK atmosphere.js Show response
content.unicredit.it/etc/designs/gimb/js/foundation/ 123 KB
26 KB 319ms
51ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/foundation/atmosphere.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

fd1e4f1e34d953e02687a8ac674f787ad7472846c2297d1491f312288d45378b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:24 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK watermark.js Show response
content.unicredit.it/etc/designs/gimb/js/foundation/ 5 KB
3 KB 343ms
48ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/foundation/watermark.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

e5a6c207a3153f5650a788e557e1d67626f2f6035f602503b1d54d6a8151e95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2099
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:48 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=28
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK modal.js Show response
content.unicredit.it/etc/designs/gimb/js/foundation/ 10 KB
4 KB 353ms
47ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/foundation/modal.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

102481f4363d9070b4bf992b3c1d6c4d3e59f41e1a5384eb7cc56b2fa0a03da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 3126
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:03:03 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK tooltip.js Show response
content.unicredit.it/etc/designs/gimb/js/foundation/ 21 KB
7 KB 379ms
42ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/foundation/tooltip.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

efef210198a75adacd0d3e726500fde192fc94320e4acbf90eb3a4d877215a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 6504
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:11 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=35
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK popover.js Show response
content.unicredit.it/etc/designs/gimb/js/foundation/ 3 KB
2 KB 391ms
47ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/foundation/popover.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

415e3c557d74388c551d77497112a216601c88025d95e3c28b3fad4082d8863e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1285
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:10 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=55
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK jquery.slimscroll.min.js Show response
content.unicredit.it/etc/designs/gimb/js/foundation/ 5 KB
3 KB 393ms
48ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/foundation/jquery.slimscroll.min.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

f6d91c956229c639db9742a86d72121021f2abe4a2a6ee502a4d74bab3dd2669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1957
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:29 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=41
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK safari-ios-fix.js Show response
content.unicredit.it/etc/designs/gimb/js/ 224 B
900 B 399ms
46ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/safari-ios-fix.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

58b092284e9a5001d629b3d304c97dd3d5c2c9db08e180b131d8d1828225560b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 00:09:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 224
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=50
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK infotip.js Show response
content.unicredit.it/etc/designs/gimb/js/ 14 KB
6 KB 422ms
43ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/infotip.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

8cc47268cb93de1a0ec156c2bc0027836df8e4237b48a1b8f3dc7a5047d6f451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 5183
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:41 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK locale.js Show response
content.unicredit.it/etc/designs/gimb/js/ 2 KB
2 KB 432ms
42ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/locale.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

3d5ae598a7eb6da24443442a121a2315f994537592afbbb35cc9866cec217b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 914
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:11 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK page-inject-backend.js Show response
content.unicredit.it/etc/designs/gimb/js/platform/ 14 KB
5 KB 438ms
48ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/platform/page-inject-backend.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

58c68e54fa22256230a3fdf653b42eea2488d91bb34fc4a50c756d1030b7f210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4495
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:41 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=27
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK hashtable.js Show response
content.unicredit.it/etc/designs/gimb/js/ 13 KB
4 KB 440ms
47ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/hashtable.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

ef62646b0b21053bd22e4069e956d629cd4a64b4e35aeaaca0b522123b242c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 3733
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:41 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=59
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK deviceprint.js Show response
content.unicredit.it/etc/designs/gimb/js/ 58 KB
14 KB 449ms
50ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/deviceprint.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

ba897478536f33a2b28250672b30d4194ef073cfc7e928a1c6c4cfb19689b278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 13666
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=14
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK header-notifications.js Show response
content.unicredit.it/etc/designs/gimb/js/ 4 KB
2 KB 446ms
42ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/header-notifications.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

04209d703002badaf98089a660f0ec892c5e48656f173a731be83ed3b47f5a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1149
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:20 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK CampaignAttributeManagement.js Show response
content.unicredit.it/etc/designs/gimb/js/ 5 KB
3 KB 472ms
51ms Script
application/x-javascript 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/js/CampaignAttributeManagement.js

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

33dab4eb3a92482076a0670dfe1737198c2d9952d446a64bb0e5cc79216f5205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2323
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:02 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
VTS-H3: GP RM AS
Cache-Control: max-age=28800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Expires: Mon, 22 Feb 2021 15:20:24 GMT

GET
H/1.1 200
OK common.css
content.unicredit.it/etc/designs/gimb/css/ 350 KB
78 KB 218ms
52ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/css/common.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

cf56a2f91b7520139d658bff6bbca2ea7d59256955615e6597f3a0a823de8a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:09:34 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=42
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK portal-override.css
content.unicredit.it/etc/designs/gimb/css/ 1 KB
1 KB 235ms
41ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/css/portal-override.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

25276820517cd93c93d58c13cc4641a943bfcb85dde8494cad06da61ceb2124f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 575
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:42 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK bootstrap.css
content.unicredit.it/etc/designs/gimb/css/ 143 KB
26 KB 265ms
54ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/css/bootstrap.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

b01a132d67911824c606f6138c75960eb09ce8e4ad06c0045518603dcd2e4afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=15
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK primefaces.css
content.unicredit.it/etc/designs/gimb/css/ 54 KB
12 KB 264ms
52ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/gimb/css/primefaces.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

5d016ed1e0779e403380c81ec700c1d8e15a210b6c99a93f1e1e9f0e1a281c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 12026
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:01:19 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H/1.1 200
OK main.css
content.unicredit.it/etc/designs/ucpublic/it/clientlibs/ 463 KB
90 KB 263ms
46ms Stylesheet
text/css 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.css

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

c6e655fb906975abfe68518cc3d0fdf5b7a4cf703af2f15ef24671e2805a96bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Feb 2021 00:02:12 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/css
VTS-H3: GP RM AS
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Expires: Mon, 22 Feb 2021 11:20:23 GMT

GET
H2 404 keep-alive.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 76ms
74ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/keep-alive.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Hhj31gaud0%2B0unXprv8bYFdbDAuJIlT1CD6R1zo%2FYNmPB%2FCZKxQsDA5OqtelA88s%2BfrrLgS6qjyq07YBRwFEL2depJlz%2BEhA8DBA3LzwmFiW4lROg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bc8c181f2d-FRA
cf-request-id: 086a3569d300001f2d81a4d000000001

GET
H2 404 placeholderCrmProducts.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 76ms
74ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/placeholderCrmProducts.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X5sNbLvJ%2F%2BeU1hKgMbu9IcxUVkdWp%2BT0UiKyPc7omtDhapm9xL3L84CwKFW8KT7nqcOTN%2FnJ9VoT%2BA5vvm3aIPuJZCNXLOtoPY8PXDCrFn0bZ7Bejw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bc8c191f2d-FRA
cf-request-id: 086a3569d300001f2d92382000000001

GET
H2 404 utag_004.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 3710ms
3704ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_004.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:27 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4%2BF6%2FSClBs848DIuegdQBfWGVmbaLuY8BF%2FCLtQUyr3mlfqYvLPJ%2BI%2BESuQZaUdaz9c0Cx0YtfyMpNks%2FUTdh2Kjthuq8REglKqOhrISvsqNL1FZdw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdefe1f2d-FRA
cf-request-id: 086a356be400001f2d64ac9000000001

GET
H2 404 utag_003.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 2715ms
2709ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_003.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:26 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bYmlGhiUqehCj9PK1nKBt%2F2ysIpMsvJxKZrjRUZWb6vxRU%2FWYDfk4ABRi5TvcvHc8NMcGZ5SdAomEExmVA%2BuNiiyFuW%2FsrRsk7UJNgi7sucmGYIiBw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdeff1f2d-FRA
cf-request-id: 086a356be400001f2db3152000000001

GET
H2 404 utag_005.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 4595ms
4589ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_005.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KT4gw0N7%2Bz1d9Pm37znTga5212Tm4Z5YGSmPOueZvxT%2BA0wP1vEnfiZ9Iw49aIl6DESOiRdi82cNf%2B7DN9e8T0qAMLHsmB2F5letkF%2Fn54pLSZPwxg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf001f2d-FRA
cf-request-id: 086a356be500001f2dae279000000001

GET
H2 404 utag.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 5017ms
5011ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BzAE1cH1spSCloTUWB0raWHE6sZm0ZuR6RAM1f8bcO2tsVNtRZrxJ7fUkJb45b5RWSA5isaRM8s9IFZG8rD2avHO%2BwBN%2F99oqz685HkCBz4bP0AAmg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf011f2d-FRA
cf-request-id: 086a356be500001f2d4ca17000000001

GET
H2 404 utag_009.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 7728ms
7722ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_009.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TNQsPAFWapNpkaJrjditJk%2BB5G9pVJ%2BHabeDQsLcd7FXeKPxMk2bFmholdTkvYvhd9JppE61Lghn1%2Bz33x09mJzY%2BxDkGUqyHEWUmNwFLrmgOiTpVA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf021f2d-FRA
cf-request-id: 086a356be900001f2d4ca18000000001

GET
H2 404 utag_007.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 5076ms
5071ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_007.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vLhFYKFgyVe%2BkAYI9jPVlPJ3vb%2FXQArMjWU9syFUPxejnZeZQ0aarQ0BuJXqGDH6RIx%2BxmlQgRuo%2FpX6plIde9fzjZNKk5tZGO0m%2Bb%2FXOyHPcxFdhA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf031f2d-FRA
cf-request-id: 086a356be500001f2d708ac000000001

GET
H2 404 utag_006.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 4717ms
4711ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_006.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V%2F4SuyNmQry4uQpMXLBFLUyWJ3AVZ0%2FMUQEg0i5C%2FmWk2hLDZUxQq8T3suVrh2GFr79rAqe2JSaP2kv5j6wJHpKsNGxjIhScrVo5UyKiZ3HU7z7KGg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf041f2d-FRA
cf-request-id: 086a356be500001f2da3beb000000001

GET
H2 404 utag_008.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 5083ms
5078ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_008.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aZcYscHPUvIdItw0I8FhxwLQxD1N1kC8esOghdwaltOSCZhBRhU6216XwR%2B3pCQbwDGmonAgArpjHpKabIeoGv6TD6ttqBZIyTkWArF4baRvzeQ6ow%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf061f2d-FRA
cf-request-id: 086a356be800001f2da3bec000000001

GET
H2 404 ucg.txt
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 4605ms
4599ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/ucg.txt
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356be600001f2d7998c000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oSaIO7%2FKjD4igk1z5rqraZJmUikQhOsvsoQQTfccUU3ljaRB44f42y%2FwvwB1D7swhpJk0FH9DMcJcyRlj3Hgbpc%2BA7u5qSmjuaUzpdODInC6zcTylw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf071f2d-FRA

GET
H2 404 utag_011.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 6733ms
6728ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/utag_011.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:31 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uC6NY1%2BUCWE4XGwhEqkmVoK6VpkP2Z78iMu4wjwqtRKvRGmZRy2wG9rtqCPWh9AU9AjKNfNnReGdN04nY9158Dz2p6rQIKC6rs4MKawIBDzgAZ1%2F7g%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf091f2d-FRA
cf-request-id: 086a356be800001f2d999e2000000001

GET
H2 404 CRCMIHFNZRFG3IWKAUFTQ6
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 7776ms
7771ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/CRCMIHFNZRFG3IWKAUFTQ6
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356be800001f2d8d20c000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=voZuT1mmHvUJl6BkJOEDQBYahQ1cwMfktqGDY1MNe55%2BfJNUC3sxmS%2FFD8GT0r343uQQEAlp8XtSszohyl9oV0fdBrkn%2Bj5GrEViMP15C4dLm%2B3z1w%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf0a1f2d-FRA

GET
H2 404 out_003.txt
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 5733ms
5728ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_003.txt
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356be900001f2d5abf2000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7NXOtmr8hWl8isWhz5gSrS1seXsFtzjPPh3aLpN8lqQuDnyW9Sc%2F1BiN0G%2FZrRCCWcJ5WupC%2F%2FEYK%2FOXIIp80FRLBGqkPTksShf8jN5xKhHWfbitEw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf0d1f2d-FRA

GET
H2 404 out_002.gif
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 7741ms
7736ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_002.gif
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xpqg9KnE8OSNhb5CXX0hE%2FxUJ3kAt7293AbIoEcZbcwkhjugkW8n%2FL4kUqAxYTbXlL8K3ch7Y0Td3LXX%2Blp7hR8W6l7v%2Blq0K1UI6plmPHPSJ8CltQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf0f1f2d-FRA
cf-request-id: 086a356be900001f2da190b000000001

GET
H2 404 out_003.gif
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 8738ms
8733ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_003.gif
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jo6j5E0mPxSPgnUWMArQ3gA6WIcKzavWCx%2FDt%2FaZbe8gUW4gFBnok3BzaUSWbJAbUn2bzZp0FXn6bHyDioWrHfxmLd6hXqj5KOSiajkm%2F84AA7hgWw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf101f2d-FRA
cf-request-id: 086a356be900001f2dbbb6a000000001

GET
H2 404 out.txt
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 6726ms
6721ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out.txt
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356bea00001f2d8a257000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tQFzprw0qNuVd3uIrZwxMYGgkySLk6TrOoFv0BYtgPrxitU5qdCM%2B5UVbAMGNx3gdFc7InZzpGxw%2FJh%2FBdB5D%2FpkmV6jL6F0BfyzYIgoIyclvSpEYw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf121f2d-FRA

GET
H2 404 out_002.htm
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 10070ms
10065ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_002.htm
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356bea00001f2d950c4000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AbYu4BIG%2F3n1iRb29SWhecew68eokFc6oCQ2uTr0h5rvT9DViDo0HPpnYqLNctZX2pM059etaZUSoRwrsRaTjogi9bVd36m1G1RQ0g7oiDdpv7WLag%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf131f2d-FRA

GET
H2 404 out_002.txt
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9798ms
9794ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_002.txt
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356bea00001f2d6f8d3000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Gi0FD%2Bioo1FVMcsbZijnW29OvMdXAbHYMcCrmzc7nzgaPBSjhM8oaBpB5D9GxYxvxQecfgQX%2BrHCpda1ZE9fRDGtXSkbIkFUjH8Aro9TX1W%2FH7s3Q%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf141f2d-FRA

GET
H2 404 out_006.gif
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9784ms
9780ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_006.gif
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=00pQARicpTtNG1ejCGkaQt7pv593Me9yFimaF8EA2GYvUkLuQa5%2BsVAfC14Qx3YvYkMny6PsOfW1KmntBMSsuyYjevj6%2FiIe%2FYuAXjCjKIk2m7F7IA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf161f2d-FRA
cf-request-id: 086a356beb00001f2db881a000000001

GET
H2 404 out_005.gif
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 8735ms
8731ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_005.gif
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4TaIIosaKerDnaA6wujfzx3J7LEV2uD4lmNDtLD%2FHW%2F2z4ig5mkAJ2XIAYMKiwdPFBOIkbfCzra1XT%2B83WTklWS7w8NL3gtHxrDv33rC1spvt1EAWg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf181f2d-FRA
cf-request-id: 086a356beb00001f2d52b37000000001

GET
H2 404 out.htm
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 10080ms
10076ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out.htm
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356beb00001f2d3caf1000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vxe%2Fm9MSkEhVNFvFLw1GGtqIUSkhUy3qSxEMXDrNcwUazLSn0c3Q7aOpxB0rWmm3kQBZ0NoDWSmo1MU8gbOeCUmLBwigd252ilALNayT%2BlBrixLs%2Bg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf191f2d-FRA

GET
H2 404 out_004.gif
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9624ms
9620ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_004.gif
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dYGBsUYPSz05y4R%2FMHFXYUlmJwckaiuGYae3JHgl9U1IcqeAYwIf8ZIR6VrVCmDUNX1N8y1maXuqWNsQ%2FxgyZVnSZgBE45sDuvToLJrq53iuE25OFA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf1b1f2d-FRA
cf-request-id: 086a356beb00001f2d4fbf8000000001

GET
H2 404 out_003.htm
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 8738ms
8734ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out_003.htm
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356bec00001f2d42a9c000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vWInQzXujSDy5IOwZipY6PrG8Bsu1PBvlfKLUHIoc7eOJ9gA3TDma%2FFADJX%2FzP5b%2BurW4dbD8%2FXe0IUYHPMEGHOMKS1rHSZR0urFXL0ANnZvuo8mDQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf1d1f2d-FRA

GET
H2 404 out.gif
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9784ms
9781ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/out.gif
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SPLQFo3GLJ%2BVO7bJUPT9KRK4Hoxe5GhDVELHxADrz1ogfKlgrp63NiOTekQjb9xrCWY8yXUYGT3NWxGbLE%2FSb0%2FtAiQbAV5Ine1WQQMajya%2BA%2FxHcA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf1e1f2d-FRA
cf-request-id: 086a356bec00001f2d9e17a000000001

GET
H2 404 trasparenza.png
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9638ms
9634ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/trasparenza.png
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QJTlXm0QRHbwuqJwpCVlsjsNHyZoHwoB6z3IQuPsvPHb8zL%2FDG%2B7YJb6bRDPtdAqqQ88vmeH4i1asmLVvB0APKrRHG1NJwUm8LXRp69w6eWwxSwzXA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf1f1f2d-FRA
cf-request-id: 086a356bec00001f2d5abf3000000001

GET
H2 404 Logo-UEFA-50x55.png
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9807ms
9803ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/Logo-UEFA-50x55.png
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZgnXt4aVFBxto7RCVHg0d%2BEKo%2B6kj8u3jogXQDE4rSyXKWT4XlMmuikknXF5QMMywfpmkY69ihsAVihsQZlM34cHa6GV7I3zF6BvyIiMqo%2Fnbjx4Vw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf211f2d-FRA
cf-request-id: 086a356bec00001f2d55103000000001

GET
H2 404 0.txt
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9625ms
9621ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/0.txt
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086a356bed00001f2d45106000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Mon, 22 Feb 2021 07:20:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I8VRegfQG9xsqC02mDge7EvSvYYeOGGEuHayekTwPSME2hXKrIZz9faS5K1lQ1H%2Bz9dz2DmTwN%2F1f5NMJ9tnFbCl%2FjJEGRA%2F7GSeNUKs1XNoXpJSXg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cf-ray: 6256f1bfdf241f2d-FRA

GET
H2 404 c1fa4f6f-79cb-463b-86fe-22d3113388dd.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 56ms
56ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/c1fa4f6f-79cb-463b-86fe-22d3113388dd.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ofux.xyz
Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=caoymuSDnbG01TkSimxgTZsnSb9JayeJsd4hCaro7Wf6aHqyDLlVppOG0FqQ8ZJ6HhKuVAMvwlbgVEdG2sGau%2FauN8C%2FqSWQva4AvtKSjGAXxqDF7w%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bf5e791f2d-FRA
cf-request-id: 086a356b9900001f2da3be8000000001

GET
H2 404 WR-latest.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 10128ms
10125ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/WR-latest.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ofux.xyz
Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9wm%2FgEDa2MSMe4uyYl7iDYtzAI4DDC5KFxpGxUP4j9sWulePChM6DJEKwhWFQDg0pU3RmhHu9rlmOjt51%2FKVDXNp2UiYvlJlmJvMmdtEFiAxifgjqA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf251f2d-FRA
cf-request-id: 086a356bed00001f2d3f2f2000000001

GET
H2 404 ChangeMonitor-latest.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 48ms
48ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/ChangeMonitor-latest.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XYOx6p8X8ZwOE9jLq9ZCZL1%2BC2as5%2BTafekU5%2BmKFwVD2A6edUJHDhYekpsNfcDLtDfn1SZiFtmsH7prZWKQ%2Bsq0ccBdZefq4THh7JT%2FbiixygYGMA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bf7e941f2d-FRA
cf-request-id: 086a356ba800001f2d51bd2000000001

GET
H2 404 login-common.css
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 50ms
49ms Stylesheet
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/login-common.css
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZfDCL%2FxudwmgSbzGGanlsieIrk9EW4JxKd3MgKT0hKcKDzZHozNJzXACYM59KNr1s5O%2BGu%2BZr9J7zanrwFKzVE6%2FvcE2HrHrhVRf990gZ4%2FWHQgF%2BQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfcef01f2d-FRA
cf-request-id: 086a356bda00001f2d9e178000000001

GET
H2 404 login.css
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 56ms
56ms Stylesheet
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/login.css
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OBrQCsyps6aaGjOdoC8aQ6NC6ne7zQbVoJHgQYNl2r%2BwRLtUIVsqrNuS8WMit7yDInec6PI0t91JY7lm1cGPGeioj8d%2BBQR5%2BHNySou6%2FkuJTFKCeA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfcef11f2d-FRA
cf-request-id: 086a356bdf00001f2d5cbc0000000001

GET
H2 404 login.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 702ms
696ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/login.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Cy1tqV2owTp44wnIjqdN3hoXjgcbT1et76V2wVXrcq%2Bmm%2B%2FcpNpd%2BFgJHDpBpntoKeuxyhUBjBCy7zkHw4r1sPtyvt9g7bvYbkB2uV2BjJsqtN4Tg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdef41f2d-FRA
cf-request-id: 086a356be300001f2d47878000000001

GET
H2 404 1497278182294.png
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9755ms
9752ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/1497278182294.png
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zm8a5ayd0ULImdPsDNMX%2FYVXH8lwpxABOELSaOdo4rfSQ7tfScQaxfK%2FVMMRHh%2Bz4c7yz%2Bd1ieO0rdqvzkYjmhQ5dYY1%2FB494J7Qn1t61LSC2SGuXg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf271f2d-FRA
cf-request-id: 086a356bed00001f2d5cbc2000000001

GET
H2 404 1497278182294_002.png
ofux.xyz/scam/unic/Uni_fichiers/ 271 B
271 B 9528ms
9525ms Image
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/1497278182294_002.png
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eBbM0Z6q6RK%2FEIPiNUERaMEcuiD49RifGLY86PnMPP4tY8dT2hrO20oAu%2F9aTvSNW2Otx%2B4azC86eKnEh%2Bno9XkFU1bqGBu2CM6tTeFyruoWJ83KUg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdf281f2d-FRA
cf-request-id: 086a356bed00001f2d51bd7000000001

GET
H2 404 infotip.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 1705ms
1699ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/infotip.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:25 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=my0hJAKjhJERhVFlA72TpUhIrBwdVyddW8TPVtt99DZw4HkpiEI7r5gz8p2DpjSdnj00ft%2FvwxuvmAv%2BsjroejeC%2BvmE8lAZLo8FP44QqvvzVvRUew%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdef71f2d-FRA
cf-request-id: 086a356be300001f2d51bd6000000001

GET
H2 404 locale_002.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 4496ms
4490ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/locale_002.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=miBMWbxklcpdRUlYpbbAnoCuyK2iOgc8q%2BEvMpiYqonFwyvu3BErPB%2FgU2fHn1HG0Jfg5o3qI3KyBB6hWlmpa5exIJHzG5ltbsa%2BIyWTj%2FWBAkla%2FQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdef91f2d-FRA
cf-request-id: 086a356be300001f2d64253000000001

GET
H2 404 page-inject-backend_002.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 5730ms
5724ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/page-inject-backend_002.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:30 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1AzOyvnoymYFCl26%2FoBpKHp67yQn54XZbfKRQAYy9cv0T0SJOuZoKNQSxf9gc9c%2BDk7kJ7%2FPEuAp3OgXKL%2BiBmI3js10WyFGtU993nYHCQleuLVIxA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdefa1f2d-FRA
cf-request-id: 086a356be700001f2d64254000000001

GET
H2 404 rooting.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 4596ms
4590ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/rooting.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0LW5tutsRh4Wqg6E70szwdPL8XX6ckMxdxGE9rjVJ263lDjN9QX1i0EYF26JXpmzMQNo3lGxRRn7zQDjvy%2B5%2BgBfWo%2FLxV%2F125q9QyXx8TfisehuIw%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdefb1f2d-FRA
cf-request-id: 086a356be400001f2d679ed000000001

GET
H2 404 hashtable_002.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 4580ms
4574ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/hashtable_002.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4F7COIzuAq6gahFtgEwcgt7kAiV0Yw%2BiW2jZFqHUlcJ2CIwERFuWBCWNZHQoBnsXgdfeAAogdl17wSUImgSX4cLzN0n98rppUAmXctXkL1IbQSGZug%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdefc1f2d-FRA
cf-request-id: 086a356be400001f2d4a292000000001

GET
H2 404 deviceprint.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 5025ms
5020ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/deviceprint.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wqdGi1vB41oPd96SWrHhbfjm4usXPQzAqDqj2dfBBcu9oU0oyrpYcMGXuwXmwC9Pm5uDiZyWoIJL%2FhPx4N2vVCelmxUAWAimWRtE3wE%2FCAAKP7MDkQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfdefd1f2d-FRA
cf-request-id: 086a356be400001f2d8faf5000000001

GET
H/1.1 200
OK etc02.png
ebank.unicredit.it/EPP-ESA-WS/img/ 924 B
2 KB 1965ms
1801ms Image
image/png 213.134.65.21
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ebank.unicredit.it/EPP-ESA-WS/img/etc02.png?t=ok&031_public&v031u3&082024

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.134.65.21 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

ffa50281c94b5587181e3b9d4c53e8a12585bccc120394eb298723e733d24712

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' https://.unicredit.it https://.unicredit.eu https://.ucgstatic.eu https://chart-gimb-unicredit.inet.factsetdigitalsolutions.com https://.inet.factsetdigitalsolutions.com https://ubischartgimb.mdgms.com wcsscreensharing://; child-src 'self' https://.unicredit.it https://.unicredit.eu https://.ucgstatic.eu https://chart-gimb-unicredit.inet.factsetdigitalsolutions.com https://.inet.factsetdigitalsolutions.com https://ubischartgimb.mdgms.com wcsscreensharing://; frame-ancestors 'self' https://.unicredit.it https://.unicredit.eu https://.ucgstatic.eu https://chart-gimb-unicredit.inet.factsetdigitalsolutions.com https://.inet.factsetdigitalsolutions.com https://ubischartgimb.mdgms.com wcsscreensharing://*;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Last-Modified: Thu, 15 Dec 2016 18:11:28 GMT
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Language: en-US
Cache-Control: max-age=3600
Content-Security-Policy: frame-src 'self' https://*.unicredit.it https://*.unicredit.eu https://*.ucgstatic.eu https://chart-gimb-unicredit.inet.factsetdigitalsolutions.com https://*.inet.factsetdigitalsolutions.com https://ubischartgimb.mdgms.com wcsscreensharing://*; child-src 'self' https://*.unicredit.it https://*.unicredit.eu https://*.ucgstatic.eu https://chart-gimb-unicredit.inet.factsetdigitalsolutions.com https://*.inet.factsetdigitalsolutions.com https://ubischartgimb.mdgms.com wcsscreensharing://*; frame-ancestors 'self' https://*.unicredit.it https://*.unicredit.eu https://*.ucgstatic.eu https://chart-gimb-unicredit.inet.factsetdigitalsolutions.com https://*.inet.factsetdigitalsolutions.com https://ubischartgimb.mdgms.com wcsscreensharing://*;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/png
Keep-Alive: timeout=10, max=100
Content-Length: 924
X-XSS-Protection: 1; mode=block
Expires: Mon, 22 Feb 2021 08:20:24 GMT

GET
H2 404 keep-alive.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 11ms
10ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/keep-alive.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0qL6aGteXY3AaGopjHqlNdAgnvFO5EsDW%2Fl0GU%2BdRK39YIWzh8Jrh37mgTIYJ%2BIe%2BFjzN%2BnDvufiNRMAC4hxLyCAwNUkpRlGeskjv766FNuOmfsQnQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfaebb1f2d-FRA
cf-request-id: 086a356bc500001f2d6f8d1000000001

GET
H2 404 placeholderCrmProducts.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 12ms
12ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/placeholderCrmProducts.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2KPe1orTlptqfE3h5RLAPhbh7ws%2FspsnL%2FKOqynwsrPaI25FSOlp3cuDdoPAGvnUMeDr158kIyLEANDrwKcIbL69BuU5Z%2BPlpuMT40pbJmVhl3KkxA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1bfbed11f2d-FRA
cf-request-id: 086a356bd000001f2db3151000000001

GET
H/1.1 200
OK 1840x770_pir.jpg
content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/ 210 KB
211 KB 183ms
183ms Image
image/jpeg 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/1840x770_pir.jpg

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

362316968a3859b4869551e66370c2339c3e35b1c1677dd7f8538d257768df70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 07:20:24 GMT
ETag: W/"34894"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 215188
VTS-H2: FP FD FR

GET
DATA 200
OK truncated
/ 26 KB
26 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da70ce90dde2976728a929557f1d44e35321319fc31c4401b295774d126b778c

Request headers

Origin: https://ofux.xyz
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 200
OK IconWerk2-duo-v08.ttf
content.unicredit.it/etc/designs/ucpublic/it/css/fonts/ 17 KB
18 KB 240ms
122ms Font
application/x-font-ttf 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/fonts/IconWerk2-duo-v08.ttf?vlgucd

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/ucpublic/it/css/font_multicolor.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

9938bcdb236bd8af9da997a7ca13043f2f3cf88ebba1b0a7e25a2b752234e041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ofux.xyz
Referer: https://content.unicredit.it/etc/designs/ucpublic/it/css/font_multicolor.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Sep 2020 20:05:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Connection: Keep-Alive
Content-Type: application/x-font-ttf
Keep-Alive: timeout=5, max=15
Content-Length: 17872
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK unicredit-medium.otf
content.unicredit.it/etc/designs/ucpublic/it/css/fonts/ 114 KB
52 KB 172ms
54ms Font
text/plain 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/fonts/unicredit-medium.otf

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ofux.xyz
Referer: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 00:01:04 GMT
ETag: "1c9fc-5bbe17f759000"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=25

GET
H/1.1 200
OK unicredit-regular.otf
content.unicredit.it/etc/designs/ucpublic/it/css/fonts/ 98 KB
47 KB 190ms
52ms Font
text/plain 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/fonts/unicredit-regular.otf

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ofux.xyz
Referer: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 00:09:27 GMT
ETag: "186c0-5bbe19d76a257"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=91

GET
H/1.1 200
OK IconWerk2-mono-v06.ttf
content.unicredit.it/etc/designs/ucpublic/it/css/fonts/ 14 KB
15 KB 264ms
127ms Font
application/x-font-ttf 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/fonts/IconWerk2-mono-v06.ttf?97y653

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/ucpublic/it/css/font_mono.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

655f30b383c1e6452509360273bfd8d4a78759e51567202ca1b851362a7d85c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ofux.xyz
Referer: https://content.unicredit.it/etc/designs/ucpublic/it/css/font_mono.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Sep 2020 20:05:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Connection: Keep-Alive
Content-Type: application/x-font-ttf
Keep-Alive: timeout=5, max=87
Content-Length: 14572
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found 1840x770_HB_MyGenius_Desktop-premio.jpg
content.unicredit.it/content/dam/ucpublic/it/privati/images/conti-correnti/ 0
0 60ms
60ms Image
text/html 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.unicredit.it/content/dam/ucpublic/it/privati/images/conti-correnti/1840x770_HB_MyGenius_Desktop-premio.jpg
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK 1840x770_HB_NuovoMutuo_tasso_testi_noheadnocta_2.jpg
content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/ 305 KB
306 KB 104ms
104ms Image
image/jpeg 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/1840x770_HB_NuovoMutuo_tasso_testi_noheadnocta_2.jpg

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

28ff46b4c993cae1d76603538bfafbaf76177affeb6a65ad824a6d73f10a93ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 07:20:24 GMT
ETag: W/"4c4c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=24
Content-Length: 312512
VTS-H2: FP FD FR

GET
H/1.1 200
OK 1840x770_HB_CEDNEW_Desktop.jpg
content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/ 276 KB
276 KB 145ms
144ms Image
image/jpeg 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/1840x770_HB_CEDNEW_Desktop.jpg

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

ecf4e53872eb32826fcdec97245a2eed25d9447358dd2f48dde3ee6553f7671b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 07:20:24 GMT
ETag: W/"44e9d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=12
Content-Length: 282269
VTS-H2: FP FD FR

GET
H2 404 c1fa4f6f-79cb-463b-86fe-22d3113388dd.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 17ms
16ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/c1fa4f6f-79cb-463b-86fe-22d3113388dd.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ofux.xyz
Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KBuo2tGavhk56yFE8YgdO%2FyerrqD4jaiUBJSujeFdmbefmqnSrBtAoLq0l8Wnvbhg9rS38e0cCqdINWkT5GWohRVy1wsP2FdqqOdPvUw8mg3hUBzWg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1c05f9c1f2d-FRA
cf-request-id: 086a356c3900001f2d8d20f000000001

GET
H/1.1 200
OK 1840x450_BOXH_desktop-Ti-presento-Subito-Casa.jpg
content.unicredit.it/content/dam/ucpublic/it/privati/images/ 147 KB
147 KB 70ms
69ms Image
image/jpeg 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/content/dam/ucpublic/it/privati/images/1840x450_BOXH_desktop-Ti-presento-Subito-Casa.jpg

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

306663010e8e4216b6c8b50009ba7ac366a1d661f6d09a7db9b4996395a7fe09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 07:20:24 GMT
ETag: W/"24a96"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=49
Content-Length: 150166
VTS-H2: FP FD FR

GET
H/1.1 200
OK 1840x450_consulenzaunicredit.jpg
content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/ 157 KB
157 KB 88ms
88ms Image
image/jpeg 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/1840x450_consulenzaunicredit.jpg

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

f11fb9c292333e7278709f1cd61525901ab31b3494285297d41f0ee598c4667e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 07:20:24 GMT
ETag: W/"27296"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=35
Content-Length: 160406
VTS-H2: FP FD FR

GET
H/1.1 200
OK 1840x450_BOXH_GuidaProtetta_desktop.jpg
content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/ 163 KB
164 KB 126ms
126ms Image
image/jpeg 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/content/dam/ucpublic/it/HomePages/Privati/1840x450_BOXH_GuidaProtetta_desktop.jpg

Requested by

Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

653f09a5d85d51197045dc81f36e956e74081a08d30957fe6f098d1d5ad50aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 07:20:24 GMT
ETag: W/"28d5f"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 167263
VTS-H2: FP FD FR

GET
DATA 200
OK truncated
/ 26 KB
26 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ed4e687d0372417996e6b3023435865b27facbb60c6f54b69ccdaca66960f6d

Request headers

Origin: https://ofux.xyz
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 200
OK unicredit-light.otf
content.unicredit.it/etc/designs/ucpublic/it/css/fonts/ 102 KB
48 KB 185ms
52ms Font
text/plain 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/fonts/unicredit-light.otf

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ofux.xyz
Referer: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 00:09:31 GMT
ETag: "19930-5bbe19db94a88"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=89

GET
H/1.1 200
OK unicredit-bold.otf
content.unicredit.it/etc/designs/ucpublic/it/css/fonts/ 111 KB
50 KB 185ms
51ms Font
text/plain 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.unicredit.it/etc/designs/ucpublic/it/css/fonts/unicredit-bold.otf

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

20a3034e905881e96faa0cff71897a83ea1ec9c2e8e87bead74ec6e292e81f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ofux.xyz
Referer: https://content.unicredit.it/etc/designs/ucpublic/it/css/font-families.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 00:09:32 GMT
ETag: "1bc48-5bbe19dc56aa2"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=80

GET
H2 404 ChangeMonitor-latest.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 14ms
13ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/ChangeMonitor-latest.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MshxlMNBSDTw8cqL0G0IoiDcGjAxf5Hfx8wTV%2FQWjeM6GItP%2F3eccueF7xT6ZVsRiX3wwXJ0a0qJsrkvfHXAue1VqgoQPHTXTJ4%2BY0N7zXBU8wwX1g%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1c09fc11f2d-FRA
cf-request-id: 086a356c6100001f2d679f3000000001

GET
H2 404 login-common.css
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 19ms
19ms Stylesheet
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/login-common.css
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ghcsooybZr85qgEqrwaQVDOc0IU2GonUrsnAFtoc18CElNGVDj53S9zb5NTgT42os7hJyatSArfRwIpdhEyuOvokWJbA3ODLvObwKDnjNj5gW4y6bA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1c0bfd01f2d-FRA
cf-request-id: 086a356c6f00001f2d39a86000000001

GET
H/1.1 200
OK sprite-common.png
content.unicredit.it/etc/designs/gimb/img/ 22 KB
23 KB 76ms
76ms Image
image/png 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/etc/designs/gimb/img/sprite-common.png

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/gimb/css/common.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://content.unicredit.it/etc/designs/gimb/css/common.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 00:01:48 GMT
ETag: "58ad"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 22701
VTS-H2: FP FD FR

GET
H2 404 login.css
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 10ms
10ms Stylesheet
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/login.css
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zfngDJHB2vWXIVTK3U8HnFEx%2FkqA49bVh0mO27JSQgdQ4V5i3FwRPOGu5%2FlNR%2FqxyqiAZJUGWy%2FW69kXbBJSwkA%2BJo%2FeiOUFH7ve8k61aSMN9nbzCg%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1c0dfea1f2d-FRA
cf-request-id: 086a356c8300001f2da1912000000001

GET
H/1.1 200
OK ico-infologin.png
content.unicredit.it/etc/designs/gimb/img/ 2 KB
2 KB 46ms
46ms Image
image/png 213.134.65.20
UNICREDIT-AS-VR-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.unicredit.it/etc/designs/gimb/img/ico-infologin.png

Requested by

Host: content.unicredit.it
URL: https://content.unicredit.it/etc/designs/gimb/css/common.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

213.134.65.20 Milan, Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),

Reverse DNS

Software

Resource Hash

e41c557c2dcc8f98c3bb29c83a23b4cf79b4606e9fe6e692331e128ccecc51f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://content.unicredit.it/etc/designs/gimb/css/common.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 07:20:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 00:09:37 GMT
ETag: "647"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 1607
VTS-H2: FP FD FR

GET
H2 404 rooting.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 16ms
15ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/rooting.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nnCwhRq2dSba8gAZhAdRQDBO8Kh8nIL1NrxN57bqmXDBzBzc57ZO6OodOhzwHpsSkAj4WNyiYgFaR2Luq5OK%2FHSRngymyecv8ahVfTIvXYe%2BDdzpMQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1e3af011f2d-FRA
cf-request-id: 086a35824a00001f2d7c16c000000001

GET
H2 404 hashtable_002.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 14ms
13ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/hashtable_002.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ufQ7R2Zw%2BBJNPINpO%2B1PDzynWDeHTBAKEyV0BdGCFzuTfFg3Zl%2F682Lc2PYiNyLxMs%2BUfpFaCR3B1jz5KZBAP2i2olpoLt2QHRwX%2FVAPBruLtoRmBA%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1e3cf1b1f2d-FRA
cf-request-id: 086a35825d00001f2d92075000000001

GET
H2 404 deviceprint.js
ofux.xyz/scam/unic/Uni_fichiers/ 0
0 11ms
11ms Script
text/html 2606:4700:3030::6815:4320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofux.xyz/scam/unic/Uni_fichiers/deviceprint.js
Requested by: Host: ofux.xyz
URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 07:20:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YhHn%2BDRkppA7tthqyHG4tF1SMawVHGxtexGWSP5jbUtzEXnb%2BkfD19KVQpIZe7h7eZ2htORIq5zuJqHUsC82yKzPq9XvmxWs6I67uF2Tci8spn%2BDuQ%3D%3D"}]}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6256f1e3df371f2d-FRA
cf-request-id: 086a35826b00001f2d793d1000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js(Line 16553) Message: clientlib started
console-api	log	URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164(Line 139) Message: segment&product3
console-api	log	URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164(Line 749) Message: ERRNGMNT
console-api	log	URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164(Line 846) Message: ERRNGMNT
console-api	log	URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164(Line 933) Message: ERRNGMNT
console-api	log	URL: https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164(Line 1089) Message: ERRNGMNT
console-api	log	URL: https://content.unicredit.it/etc/designs/gimb/js/infotip.js(Line 88) Message: tooltip init
console-api	log	URL: https://content.unicredit.it/etc/designs/gimb/js/infotip.js(Line 266) Message: init landscapeModeHelp
console-api	log	URL: https://content.unicredit.it/etc/designs/gimb/js/infotip.js(Line 266) Message: WINDOW ORIENTATION: undefined
console-api	log	URL: https://content.unicredit.it/etc/designs/gimb/js/infotip.js(Line 266) Message: is portrait? result:false
console-api	log	URL: https://content.unicredit.it/etc/designs/gimb/js/infotip.js(Line 266) Message: ok hideLandscapeModeHelp
console-api	warning	URL: https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js(Line 4065) Message: jQuery.Deferred exception: Cannot read property 'setItem' of null TypeError: Cannot read property 'setItem' of null at HTMLDocument.<anonymous> (https://content.unicredit.it/etc/designs/gimb/js/CampaignAttributeManagement.js:60:15) at mightThrow (https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js:3781:29) at process (https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js:3849:12) undefined
console-api	warning	URL: https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js(Line 4065) Message: jQuery.Deferred exception: startCrmProduct is not defined ReferenceError: startCrmProduct is not defined at HTMLDocument.<anonymous> (https://ofux.xyz/scam/unic/web.php?ip=172.68.10.164:142:9) at mightThrow (https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js:3781:29) at process (https://content.unicredit.it/etc/designs/ucpublic/it/clientlibs/main.js:3849:12) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.unicredit.it
ebank.unicredit.it
ofux.xyz
213.134.65.20
213.134.65.21
2606:4700:3030::6815:4320
04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234
04209d703002badaf98089a660f0ec892c5e48656f173a731be83ed3b47f5a23
0b355889ce41dc787839ca9c6c6e6e7e6a7cca98e78c6778de78d9238c82077a
0caa580cfb101af5584b2636965829b0b8be12959bbc186c2a9b4159c0658723
102481f4363d9070b4bf992b3c1d6c4d3e59f41e1a5384eb7cc56b2fa0a03da2
1ed4e687d0372417996e6b3023435865b27facbb60c6f54b69ccdaca66960f6d
20a3034e905881e96faa0cff71897a83ea1ec9c2e8e87bead74ec6e292e81f92
25276820517cd93c93d58c13cc4641a943bfcb85dde8494cad06da61ceb2124f
28ff46b4c993cae1d76603538bfafbaf76177affeb6a65ad824a6d73f10a93ae
306663010e8e4216b6c8b50009ba7ac366a1d661f6d09a7db9b4996395a7fe09
33dab4eb3a92482076a0670dfe1737198c2d9952d446a64bb0e5cc79216f5205
362316968a3859b4869551e66370c2339c3e35b1c1677dd7f8538d257768df70
3d5ae598a7eb6da24443442a121a2315f994537592afbbb35cc9866cec217b97
415e3c557d74388c551d77497112a216601c88025d95e3c28b3fad4082d8863e
4c9fd0a58c6260cedd14670e551618e69ebb0b1b4f731fc91a13a7c8bab14fd1
52704374a2f9953f76f3a435e43bb4bef71ced63d0be8a4f843e374dd76814ba
58b092284e9a5001d629b3d304c97dd3d5c2c9db08e180b131d8d1828225560b
58c68e54fa22256230a3fdf653b42eea2488d91bb34fc4a50c756d1030b7f210
5d016ed1e0779e403380c81ec700c1d8e15a210b6c99a93f1e1e9f0e1a281c55
646c9c32d3ee56d31223b770121c5cd04379726f4db9c0cd9a4390a557aa16a6
653f09a5d85d51197045dc81f36e956e74081a08d30957fe6f098d1d5ad50aac
655f30b383c1e6452509360273bfd8d4a78759e51567202ca1b851362a7d85c3
7840a0189a3f40d335e47aa8e2c5b6e97a94881fc4e3812e654dcf7fab4a8d82
84aac2bcdfe16fbbb3366891ce10865af89b1e213387419e7b246931d0cb63ea
8cc47268cb93de1a0ec156c2bc0027836df8e4237b48a1b8f3dc7a5047d6f451
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
9938bcdb236bd8af9da997a7ca13043f2f3cf88ebba1b0a7e25a2b752234e041
9a7ac62cc77451f48ba86d34c290f3e9d8d24b1307c4ab65e72729c7e17cdc42
9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3
ae2dd0d0af6f700f6439b9ba45edfd63098c9eae25e5c33ead633eaba38f9a52
b01a132d67911824c606f6138c75960eb09ce8e4ad06c0045518603dcd2e4afc
ba897478536f33a2b28250672b30d4194ef073cfc7e928a1c6c4cfb19689b278
c6e655fb906975abfe68518cc3d0fdf5b7a4cf703af2f15ef24671e2805a96bc
cf56a2f91b7520139d658bff6bbca2ea7d59256955615e6597f3a0a823de8a1b
d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6
da70ce90dde2976728a929557f1d44e35321319fc31c4401b295774d126b778c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41c557c2dcc8f98c3bb29c83a23b4cf79b4606e9fe6e692331e128ccecc51f6
e5a6c207a3153f5650a788e557e1d67626f2f6035f602503b1d54d6a8151e95a
ecf4e53872eb32826fcdec97245a2eed25d9447358dd2f48dde3ee6553f7671b
ef62646b0b21053bd22e4069e956d629cd4a64b4e35aeaaca0b522123b242c29
efef210198a75adacd0d3e726500fde192fc94320e4acbf90eb3a4d877215a2d
f11fb9c292333e7278709f1cd61525901ab31b3494285297d41f0ee598c4667e
f6d91c956229c639db9742a86d72121021f2abe4a2a6ee502a4d74bab3dd2669
fd1e4f1e34d953e02687a8ac674f787ad7472846c2297d1491f312288d45378b
ffa50281c94b5587181e3b9d4c53e8a12585bccc120394eb298723e733d24712

ofux.xyz Open in urlscan Pro 2606:4700:3030::6815:4320 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

4 IPs

2 Countries

2242 kBTransfer

4468 kBSize

0 Cookies

84 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ofux.xyz Open in urlscan Pro
2606:4700:3030::6815:4320 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

2242 kB
Transfer

4468 kB
Size

0
Cookies

95 HTTP transactions
2 data transactions