vgq.qjv.mybluehost.me
50.87.227.169  Malicious Activity! Public Scan

URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Submission: On August 27 via automatic, source openphish — Scanned from IT

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 31 HTTP transactions. The main IP is 50.87.227.169, which is located in the United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is vgq.qjv.mybluehost.me.
TLS certificate: Issued by R10 on July 30th 2024. Valid for: 3 months.
This is the only time vgq.qjv.mybluehost.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telecom Italia (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
14 50.87.227.169 46606 (UNIFIEDLA...)
5 184.30.16.231 16625 (AKAMAI-AS)
1 81.74.225.6 3269 (ASN-IBSNAZ)
2 52.215.66.230 16509 (AMAZON-02)
2 146.75.117.230 54113 (FASTLY)
2 147.75.180.60 30109 (MEDALLIA-INC)
1 35.241.45.82 15169 (GOOGLE)
1 54.228.154.232 16509 (AMAZON-02)
1 1 52.212.226.55 16509 (AMAZON-02)
31 9
Apex Domain | Subdomains | Transfer
14 mybluehost.me | vgq.qjv.mybluehost.me | 344 KB
5 adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 521) | 100 KB
4 medallia.eu | resources.digital-cloud.medallia.eu (Cisco Umbrella Rank: 30985); analytics-fe.digital-cloud.medallia.eu (Cisco Umbrella Rank: 75911) | 93 KB
3 demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 319); telecomitalia.demdex.net | 2 KB
1 everesttech.net | cm.everesttech.net (Cisco Umbrella Rank: 2184) | 490 B
1 kampyle.com | udc-neb.kampyle.com (Cisco Umbrella Rank: 3965) | 318 B
1 tim.it | risorse.tim.it (Cisco Umbrella Rank: 676045) | 6 KB
31 7
Domain | Requested by
14 vgq.qjv.mybluehost.me | vgq.qjv.mybluehost.me
5 assets.adobedtm.com | vgq.qjv.mybluehost.me, assets.adobedtm.com
2 analytics-fe.digital-cloud.medallia.eu | resources.digital-cloud.medallia.eu
2 resources.digital-cloud.medallia.eu | assets.adobedtm.com, resources.digital-cloud.medallia.eu
2 dpm.demdex.net | assets.adobedtm.com
1 cm.everesttech.net | 1 redirects
1 telecomitalia.demdex.net | assets.adobedtm.com
1 udc-neb.kampyle.com |
1 risorse.tim.it | vgq.qjv.mybluehost.me
31 9

This site contains no links.

Subject | Issuer | Validity | Valid
webdisk.vgq.qjv.mybluehost.me | R10 | 2024-07-30 - 2024-10-28 | 3 months
assets.adobedtm.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-09 - 2025-08-09 | a year
risorse.tim.it | TI Trust Technologies OV CA | 2023-09-27 - 2024-10-27 | a year
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year
*.digital-cloud.medallia.eu | SSL.com RSA SSL subCA | 2023-11-06 - 2024-12-06 | a year
*.kampyle.com | SSL.com RSA SSL subCA | 2023-11-07 - 2024-12-07 | a year

This page contains 2 frames:

Primary Page: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Frame ID: DA480F2E0B231C8289F65AF354E7F765
Requests: 30 HTTP requests in this frame

Frame: https://telecomitalia.demdex.net/dest5.html?d_nsid=0
Frame ID: 371947C371C8F27586970287526F6B78
Requests: 1 HTTP request in this frame

Page Title

MyTIM

Page Statistics

Requests: 31
HTTPS: 87 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 545 kB
Size: 1745 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://cm.everesttech.net/cm/dd?d_uuid=71466626275393065421459196781271807951 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zs05bAAAAMjR0gOV

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request troidd.html
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/
129 KB
53 KB
Document
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
nginx/1.21.6 /
Resource Hash
869c92af5e64d7f073c7465214e6833a2ac0028579a665bdf848f8f772b00f50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=7200
content-encoding
gzip
content-type
text/html
date
Tue, 27 Aug 2024 02:26:49 GMT
expires
Tue, 27 Aug 2024 04:26:49 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
nginx/1.21.6
vary
Accept-Encoding
x-newfold-cache-level
2
x-proxy-cache
EXPIRED
x-server-cache
true
launch-1e1113ae278e.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/
306 KB
85 KB
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
486dc28c944345b6c425f45634c495a8e60edf6c76545a4b4365a866133c647c

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2024 07:49:47 GMT
server
AkamaiNetStorage
etag
"82eaf33a15d5d1968b72092653ee7525:1715845787.371402"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://vgq.qjv.mybluehost.me
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
86771
expires
Tue, 27 Aug 2024 03:26:51 GMT
style.css
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/
508 KB
113 KB
Stylesheet
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash
ecaa1db11a567e93b32edf81b1b8df62ce1ba679c33bfd4520c25b3615620f97

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:50 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
Apache
vary
Accept-Encoding
x-newfold-cache-level
2
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires
Wed, 28 Aug 2024 02:26:50 GMT
ss.css
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/ss.css
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash
cd657a94e4f36d8e4bb5f4744d83773a2870425f3b7982cfa66314bc2d1a792e

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:50 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
Apache
vary
Accept-Encoding
x-newfold-cache-level
2
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1288
expires
Wed, 28 Aug 2024 02:26:50 GMT
us.svg
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/
4 KB
5 KB
Image
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/us.svg
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash
bb462a24eef290bb508dfd155c8d94e5220b203109f6574184723f9ea252f9e9

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:50 GMT
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
Apache
x-newfold-cache-level
2
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
4592
expires
Wed, 28 Aug 2024 02:26:50 GMT
d.PNG
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/
73 KB
73 KB
Image
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/d.PNG
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
nginx/1.21.6 /
Resource Hash
5714f341ed24371158626a5e8d7c6c1a9504319d3425a235f2b2b478c65a74e1

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 27 Aug 2024 02:26:50 GMT
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
nginx/1.21.6
x-server-cache
true
x-newfold-cache-level
2
content-type
image/png
cache-control
max-age=86400
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
content-length
74531
expires
Tue, 27 Aug 2024 23:25:29 GMT
sms.png
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/
592 B
626 B
Image
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/sms.png
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash
7ae3034d6d7930ffe04915093a2cc90613fa3844a79e9cd5f86cedbc597bbd9b

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:50 GMT
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
Apache
x-newfold-cache-level
2
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
592
expires
Wed, 28 Aug 2024 02:26:50 GMT
mat.png
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/
72 KB
72 KB
Image
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/mat.png
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash
0299943aa70863f3e9d2bc355578df5b658f97199b1e0a6c77d286d5b158cec1

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:50 GMT
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
Apache
x-newfold-cache-level
2
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
73776
expires
Wed, 28 Aug 2024 02:26:50 GMT
qr-code-mytim.png
risorse.tim.it/content/dam/caring-login/
13 KB
6 KB
Image
General
Full URL
https://risorse.tim.it/content/dam/caring-login/qr-code-mytim.png
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.225.6 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-rm4-7.cdn.interbusiness.it
Software
Apache /
Resource Hash
f673c7be1f8c23f184eb30093e4e17f454e3576db7257ecb3198c550181c7efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:18:12 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
via
http/1.1 se-mi1-18.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age
518
content-length
6088
last-modified
Sun, 28 Jul 2024 02:13:33 GMT
server
Apache
etag
"32a0-61e454a9395bd-gzip"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
vary
Origin
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires
Tue, 27 Aug 2024 02:40:20 GMT
app.png
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/
4 KB
4 KB
Image
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/app.png
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash
e2d85c9fc310dabc3194fe7903fb5154eb8a1211bea01de21c902fee38659e5e

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:50 GMT
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
Apache
x-newfold-cache-level
2
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
4454
expires
Wed, 28 Aug 2024 02:26:50 GMT
play.png
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/
6 KB
6 KB
Image
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/play.png
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash
c13127a197bfcf9b9389ac2d8bbbd44e945423f3b84b88e8ca1c1fc4066abeb3

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:50 GMT
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
Apache
x-newfold-cache-level
2
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
6414
expires
Wed, 28 Aug 2024 02:26:50 GMT
caring-login-banner-app.min.css
risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/
0
0

caring-login-cookie.min.css
risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/
0
0

clientlib-wcb.min.css
risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/
0
0

truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c98f3c5f9421f8b30307d17a4c6c77aa583dbace4d69fd737d43acf336d52dc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
TIMSans-Light.woff2
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Light/
0
0
Font
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff2
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Origin
https://vgq.qjv.mybluehost.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
TIMSans-Medium.woff2
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Medium/
0
0
Font
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff2
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Origin
https://vgq.qjv.mybluehost.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
id
dpm.demdex.net/
372 B
922 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1AD1154452F152C00A490D4C%40AdobeOrg&d_nsid=0&ts=1724725611318
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.215.66.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-66-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
24efe4fcbe12041de6201ef3f8b3df089613aa461a90dd5b942b231a7f157fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v065-0b320fe1c.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Tue, 27 Aug 2024 02:26:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
6o7pGSRaQxU=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://vgq.qjv.mybluehost.me
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
312
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/
35 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d8b202fcb71f89cc175a962403911ee3da6d9736dd79b4ae3f4d5b972400bee2

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 21:32:04 GMT
server
AkamaiNetStorage
etag
"fdc98c35f4bd77deab73aab133e4f8bd:1563399124"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://vgq.qjv.mybluehost.me
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
13098
expires
Tue, 27 Aug 2024 03:26:51 GMT
TIMSans-Medium.woff
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Medium/
0
0
Font
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Origin
https://vgq.qjv.mybluehost.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
TIMSans-Light.woff
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Light/
0
0
Font
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff
Requested by
Host: vgq.qjv.mybluehost.me
URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
Apache /
Resource Hash

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/style.css
Origin
https://vgq.qjv.mybluehost.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
RC284720c4b7dd4a38b1a9ef8d1e5b337f-source.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/e3019ec145f7/
316 B
462 B
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/e3019ec145f7/RC284720c4b7dd4a38b1a9ef8d1e5b337f-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5bebdcbd9f94951b7de0d18e2009ad9f7805dd06ffe2728113b82d6a16fb9971

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2024 07:49:48 GMT
server
AkamaiNetStorage
etag
"906d68dd45e061111a2e5b72293887e9:1715845788.954685"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://vgq.qjv.mybluehost.me
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
200
expires
Tue, 27 Aug 2024 03:26:51 GMT
embed.js
resources.digital-cloud.medallia.eu/wdceu/78556/onsite/
1 KB
984 B
Script
General
Full URL
https://resources.digital-cloud.medallia.eu/wdceu/78556/onsite/embed.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.117.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3598ba407a625e5aa4723cc1b87eb7fbf333e001c735a3df03ff9b1189900135
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
FqnTE1_hsnoHG1.94YqS80fEQ8mUIE_a
content-encoding
gzip
via
1.1 varnish
date
Tue, 27 Aug 2024 02:26:51 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
KNNXZXDKEW9VGHSW
age
948547
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
528
x-amz-id-2
mtlT74lOQYn5dpaxMzcmZdsoBf9mMYDTc2UteO5FKiqyzn0PuiKpmASkqYtVcfzzCoqv4ro/xQs=
x-served-by
cache-fra-eddf8230153-FRA
last-modified
Mon, 12 Aug 2024 13:41:54 GMT
server
AmazonS3
x-timer
S1724725612.581572,VS0,VE0
etag
"4679370f5805d38eb6673c0dedad2fa5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
5
RC0f3b8492209f4093a6680e21b2ad33b4-source.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/e3019ec145f7/
907 B
645 B
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/e3019ec145f7/RC0f3b8492209f4093a6680e21b2ad33b4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9642c8cf4e09688f58f67e0b0fef231675cd28b28ecb86899310f30b25efb422

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2024 07:49:48 GMT
server
AkamaiNetStorage
etag
"906d68dd45e061111a2e5b72293887e9:1715845788.954685"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://vgq.qjv.mybluehost.me
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
382
expires
Tue, 27 Aug 2024 03:26:51 GMT
RCec0e107b214a4f73b359a943cd2ae887-source.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/e3019ec145f7/
919 B
646 B
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/e3019ec145f7/RCec0e107b214a4f73b359a943cd2ae887-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ab86b8713311d8c41e65f1e77f06bff89f5df02dac2c73bcc239941a88bf2d3a

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2024 07:49:48 GMT
server
AkamaiNetStorage
etag
"906d68dd45e061111a2e5b72293887e9:1715845788.954685"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://vgq.qjv.mybluehost.me
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
383
expires
Tue, 27 Aug 2024 03:26:51 GMT
generic1723470113034.js
resources.digital-cloud.medallia.eu/wdceu/78556/onsite/
560 KB
92 KB
Script
General
Full URL
https://resources.digital-cloud.medallia.eu/wdceu/78556/onsite/generic1723470113034.js
Requested by
Host: resources.digital-cloud.medallia.eu
URL: https://resources.digital-cloud.medallia.eu/wdceu/78556/onsite/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.117.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b80283aefbd8fdd80810666dd35dc435954352fe27649dc18ead66d55d05cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ifl3Aq7gjoGvkSjp8kv1.K5qJS0yT8at
content-encoding
gzip
via
1.1 varnish
date
Tue, 27 Aug 2024 02:26:51 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
DYS86RGJQ1JQDNQK
age
957233
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
94204
x-amz-id-2
EK4nUhMdwokjR3em/cXY2i8edTRSHaH3QgcdoLuKc5L13dwkKhA4IewVRHL/YZGwA4kD+3jrY+UHG1RmcTgXNt5hVd+Oj4BZ
x-served-by
cache-fra-eddf8230153-FRA
last-modified
Mon, 12 Aug 2024 13:41:54 GMT
server
AmazonS3
x-timer
S1724725612.655944,VS0,VE0
etag
"633387789784eb2afaecc16306aeac83"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
5
fav.ico
vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/
15 KB
15 KB
Other
General
Full URL
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/css/fav.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.227.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2407.bluehost.com
Software
nginx/1.21.6 /
Resource Hash
90ebf40b3c70c3e990753e80c01d6f3d04d8f6e12f6e5f260148ad9a462e0f87

Request headers

Referer
https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/troidd.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 02:26:51 GMT
last-modified
Thu, 21 Mar 2024 17:28:34 GMT
server
nginx/1.21.6
x-server-cache
false
x-newfold-cache-level
2
content-type
image/x-icon
cache-control
max-age=31536000
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
15086
expires
Wed, 27 Aug 2025 02:26:51 GMT
events
analytics-fe.digital-cloud.medallia.eu/api/web/ Frame
0
0
Preflight
General
Full URL
https://analytics-fe.digital-cloud.medallia.eu/api/web/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.180.60 , United States, ASN30109 (MEDALLIA-INC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
charset,content-type,mec-integration-id
Access-Control-Request-Method
POST
Origin
https://vgq.qjv.mybluehost.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
charset, content-type, mec-integration-id
access-control-allow-methods
OPTIONS,GET,POST
access-control-allow-origin
https://vgq.qjv.mybluehost.me
access-control-max-age
1800
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
expires
0
pragma
no-cache
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0
events
analytics-fe.digital-cloud.medallia.eu/api/web/
0
39 B
XHR
General
Full URL
https://analytics-fe.digital-cloud.medallia.eu/api/web/events
Requested by
Host: resources.digital-cloud.medallia.eu
URL: https://resources.digital-cloud.medallia.eu/wdceu/78556/onsite/generic1723470113034.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.180.60 , United States, ASN30109 (MEDALLIA-INC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

charset
UTF-8
Referer
https://vgq.qjv.mybluehost.me/
Mec-Integration-Id
tim-ger-medallia-eu-tim
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://vgq.qjv.mybluehost.me
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
0
expires
0
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
318 B
Image
General
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-99cg
date
Tue, 27 Aug 2024 02:26:52 GMT
via
1.1 google
alt-svc
clear
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
dest5.html
telecomitalia.demdex.net/ Frame 3719
0
0
Document
General
Full URL
https://telecomitalia.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.154.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-154-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://vgq.qjv.mybluehost.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 27 Aug 2024 02:26:52 GMT
dcs
dcs-prod-irl1-1-v065-034528526.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 19 Aug 2024 11:56:33 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
4MkArty/Reo=
ibs:dpid=411&dpuuid=Zs05bAAAAMjR0gOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=71466626275393065421459196781271807951
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zs05bAAAAMjR0gOV
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zs05bAAAAMjR0gOV
Protocol
H2
Server
52.215.66.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-66-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://vgq.qjv.mybluehost.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v065-00d999af9.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 27 Aug 2024 02:26:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
2IMfhpNaQow=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zs05bAAAAMjR0gOV
Date
Tue, 27 Aug 2024 02:26:52 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
risorse.tim.it
URL
https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/caring-login-banner-app.min.css
Domain
risorse.tim.it
URL
https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/caring-login-cookie.min.css
Domain
risorse.tim.it
URL
https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/clientlib-wcb.min.css

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telecom Italia (Telecommunication)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| _satellite
boolean| __satelliteLoaded
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
object| adformProvider
object| targetGlobalSettings
object| rtdmProviderTarget
object| initSite
object| ___target_traces
function| mboxCreate
function| mboxDefine
function| mboxUpdate
function| AppMeasurement_Module_ActivityMap
function| AppMeasurement
function| s_gi
function| s_pgicq
boolean| isLoggedIn
object| KAMPYLE_EMBED
object| _c_medallia
object| MDIGITAL
object| KAMPYLE_CONSTANT
object| KAMPYLE_FUNC
object| KAMPYLE_DATA
object| KAMPYLE_TARGETING
object| KAMPYLE_ANIMATION
object| KAMPYLE_VIEW
object| KAMPYLE_MESSAGE
object| KAMPYLE_UTILS
object| KAMPYLE_EVENT_DISPATCHER
object| MDIGITAL_ELEMENT_BUILDER
object| COOLADATA_CODE
object| KAMPYLE_COOLADATA
object| KAMPYLE_COMMON
object| KAMPYLE_SCREEN_CAPTURE
object| KAMPYLE_ONSITE_SDK
object| KAMPYLE_INTEGRATION
object| cooladata
object| kampyle
boolean| dxa_digital_listener_disabled
object| _da_readyArray

10 Cookies

Domain/Path Name / Value
.mybluehost.me/ Name: at_check
Value: true
vgq.qjv.mybluehost.me/ Name: mdLogger
Value: false
vgq.qjv.mybluehost.me/ Name: kampyle_userid
Value: fa3d-c787-81f3-2a7e-4b8a-46b9-9141-f4a0
vgq.qjv.mybluehost.me/ Name: kampyleUserSession
Value: 1724725611750
vgq.qjv.mybluehost.me/ Name: kampyleUserSessionsCount
Value: 1
vgq.qjv.mybluehost.me/ Name: kampyleSessionPageCounter
Value: 1
.demdex.net/ Name: demdex
Value: 71466626275393065421459196781271807951
.mybluehost.me/ Name: AMCVS_1AD1154452F152C00A490D4C%40AdobeOrg
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 71466626275393065421459196781271807951
.mybluehost.me/ Name: AMCV_1AD1154452F152C00A490D4C%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19963%7CMCMID%7C79499397583442793791818834540182809266%7CMCAAMLH-1725330411%7C6%7CMCAAMB-1725330411%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1724732811s%7CNONE%7CMCSYNCSOP%7C411-19970%7CvVersion%7C5.5.0

4 Console Messages

Source Level URL
Text
network error URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://vgq.qjv.mybluehost.me/it;tim/Tim-it/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
