bernardoballester.com Open in urlscan Pro
213.158.93.12 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ppt.cc/fKptwx
Effective URL:
https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmS...
Submission: On July 11 via manual (July 11th 2024, 3:01:26 pm UTC) from GB — Scanned from GB

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 4 countries across 5 domains to perform 26 HTTP transactions. The main IP is 213.158.93.12, located in Italy and belongs to COMBELL-AS, BE. The main domain is bernardoballester.com.
TLS certificate: Issued by R11 on July 9th 2024. Valid for: 3 months.

This is the only time bernardoballester.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Hermes (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	59.120.118.168 59.120.118.168	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 2	204.44.192.34 204.44.192.34	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2 2	216.218.206.61 216.218.206.61	6939 (HURRICANE) (HURRICANE)
2 2	66.165.234.210 66.165.234.210	29802 (HVC-AS) (HVC-AS)
2 28	213.158.93.12 213.158.93.12	34762 (COMBELL-AS) (COMBELL-AS)
26	1

1 59.120.118.168 (Kaohsiung City, Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 59-120-118-168.hinet-ip.hinet.net

ppt.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.44.192.34 (Canada) 2 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: s119.servername.online

aim-projects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.218.206.61 (Cazadero, United States) 2 redirects

ASN6939 (HURRICANE, US)
PTR: fmt14.web.com.ph

leitzgo.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.165.234.210 (New York, United States) 2 redirects

ASN29802 (HVC-AS, US)
PTR: guarani.lineadns.com

www.aaa.org.uy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 213.158.93.12 (Italy) 2 redirects

ASN34762 (COMBELL-AS, BE)
PTR: 213.158.93.12.static.teamblue-ops.net

bernardoballester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bernardoballester.com 2 redirects bernardoballester.com	613 KB
2	aaa.org.uy 2 redirects www.aaa.org.uy	622 B
2	leitzgo.ph 2 redirects leitzgo.ph	703 B
2	aim-projects.com 2 redirects aim-projects.com	553 B
1	ppt.cc 1 redirects ppt.cc	320 B
26	5

	Domain	Requested by
28	bernardoballester.com	2 redirects bernardoballester.com
2	www.aaa.org.uy	2 redirects
2	leitzgo.ph	2 redirects
2	aim-projects.com	2 redirects
1	ppt.cc	1 redirects
26	5

This site contains no links.

Subject Issuer	Validity	Valid
bernardoballester.com R11	`2024-07-09` - `2024-10-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4
Frame ID: 5D8CEE7EC04F08423CCDA1AE9B5F3F96
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parcel Tracking UK | Track My Parcel | Evri

Page URL History Show full URLs

https://ppt.cc/fKptwx HTTP 302
https://aim-projects.com/block HTTP 301
https://aim-projects.com/block/ HTTP 302
https://leitzgo.ph/assets/block HTTP 301
https://leitzgo.ph/assets/block/ HTTP 302
https://www.aaa.org.uy/wp-includes/blocks/re HTTP 301
https://www.aaa.org.uy/wp-includes/blocks/re/ HTTP 302
https://bernardoballester.com/nu/evri HTTP 301
http://bernardoballester.com/nu/evri/ HTTP 307
https://bernardoballester.com/nu/evri/ HTTP 302
https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl1... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

1
IPs

4
Countries

613 kB
Transfer

787 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ppt.cc/fKptwx HTTP 302
https://aim-projects.com/block HTTP 301
https://aim-projects.com/block/ HTTP 302
https://leitzgo.ph/assets/block HTTP 301
https://leitzgo.ph/assets/block/ HTTP 302
https://www.aaa.org.uy/wp-includes/blocks/re HTTP 301
https://www.aaa.org.uy/wp-includes/blocks/re/ HTTP 302
https://bernardoballester.com/nu/evri HTTP 301
http://bernardoballester.com/nu/evri/ HTTP 307
https://bernardoballester.com/nu/evri/ HTTP 302
https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request evPostcode.php Show response bernardoballester.com/nu/evri/ Redirect Chain https://ppt.cc/fKptwx https://aim-projects.com/block https://aim-projects.com/block/ https://leitzgo.ph/assets/block https://leitzgo.ph/assets/block/ https://www.aaa.org.uy/wp-includes/blocks/re https://www.aaa.org.uy/wp-includes/blocks/re/ https://bernardoballester.com/nu/evri http://bernardoballester.com/nu/evri/ https://bernardoballester.com/nu/evri/ https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60Gt...	86 KB 18 KB	39ms 38ms	Document text/html	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `fb80823e63872a7b009f31f8151f0e1709a6dab4fd1064b67286907af6d38476` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Thu, 11 Jul 2024 15:01:16 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx Redirect headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Thu, 11 Jul 2024 15:01:16 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 pragma no-cache server nginx
GET H2	200	c2077bd.css bernardoballester.com/nu/evri/evv_assetz/css/	43 KB 8 KB	42ms 38ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/c2077bd.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `ce6a1a1065dd43f61036e4df46e4c48ec93a64929f6f2906d8a51104921dfd9e` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-acea" content-type text/css
GET H2	200	6711dc2.css bernardoballester.com/nu/evri/evv_assetz/css/	21 KB 4 KB	42ms 38ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/6711dc2.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `1e96dc039f74cd11bf5098a94bb5bf1476aa53d0653254da8d4062e2bb3aa4c9` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-549f" content-type text/css
GET H2	200	24c52d8.css bernardoballester.com/nu/evri/evv_assetz/css/	1 KB 686 B	46ms 42ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/24c52d8.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `68bfa84654289be09858a11e3aa032af1e48a31f3c2aeaff65a777130b573ba9` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-571" content-type text/css
GET H2	200	4ded54c.css bernardoballester.com/nu/evri/evv_assetz/css/	3 KB 1 KB	46ms 42ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/4ded54c.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `38159f6cbad6a5fe64ab38c7ccd2698810d77141378d6f617da357c41fadce7f` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-b77" content-type text/css
GET H2	200	e1ff434.css bernardoballester.com/nu/evri/evv_assetz/css/	8 KB 2 KB	47ms 44ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/e1ff434.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `7f841ee26c544975d1d31f87ecbf2995c888b3f1ee7aed213a09bffd6818f1fd` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-1e12" content-type text/css
GET H2	200	5384f4c.css bernardoballester.com/nu/evri/evv_assetz/css/	3 KB 1017 B	66ms 63ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/5384f4c.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `154373ff1eeba51fdb467428c9cf2d3e968ee102408c786e41ff01114fbf1f48` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-d3e" content-type text/css
GET H2	200	2fa3c1e.css bernardoballester.com/nu/evri/evv_assetz/css/	5 KB 1 KB	66ms 63ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/2fa3c1e.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `349105090787437ba498fdfb21c48559b3834461bfff8282fbe2b0f278452c66` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-121b" content-type text/css
GET H2	200	6b5e13a.css bernardoballester.com/nu/evri/evv_assetz/css/	4 KB 1 KB	65ms 62ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/6b5e13a.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `26732190d7470ef90f27f0b4dddb5f9fd9e82c5c6aae6a233108383cc4c87f5f` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-110c" content-type text/css
GET H2	200	3e3d0a7.css bernardoballester.com/nu/evri/evv_assetz/css/	5 KB 1 KB	80ms 78ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/3e3d0a7.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `c9ce5009171219035a75d24a565f1e3dbf5fe9a54823e4620779f9d5de76fdb5` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-13bf" content-type text/css
GET H2	200	0fba873.css bernardoballester.com/nu/evri/evv_assetz/css/	2 KB 660 B	82ms 79ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/0fba873.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `fc5353130a076a7ab678bdbc213fa9c539e4c9ab4be1e19fc284f55a08209723` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-7c4" content-type text/css
GET H2	200	2fa3c1e(1).css bernardoballester.com/nu/evri/evv_assetz/css/	5 KB 1 KB	80ms 78ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/2fa3c1e(1).css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `349105090787437ba498fdfb21c48559b3834461bfff8282fbe2b0f278452c66` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-121b" content-type text/css
GET H2	200	6b5e13a(1).css bernardoballester.com/nu/evri/evv_assetz/css/	4 KB 1 KB	81ms 79ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/6b5e13a(1).css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `26732190d7470ef90f27f0b4dddb5f9fd9e82c5c6aae6a233108383cc4c87f5f` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-110c" content-type text/css
GET H2	200	3e3d0a7(1).css bernardoballester.com/nu/evri/evv_assetz/css/	5 KB 1 KB	82ms 81ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/3e3d0a7(1).css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `c9ce5009171219035a75d24a565f1e3dbf5fe9a54823e4620779f9d5de76fdb5` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-13bf" content-type text/css
GET H2	200	0fba873(1).css bernardoballester.com/nu/evri/evv_assetz/css/	2 KB 660 B	82ms 81ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/0fba873(1).css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `fc5353130a076a7ab678bdbc213fa9c539e4c9ab4be1e19fc284f55a08209723` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-7c4" content-type text/css
GET H2	200	7dccfde.css bernardoballester.com/nu/evri/evv_assetz/css/	10 KB 2 KB	83ms 81ms	Stylesheet text/css	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/css/7dccfde.css Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `63cdd20cbfcac91ad58c1a088889d0bd80970a7e5d15b7fd1894c2ee0ffcd782` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-272a" content-type text/css
GET H2	200	poppins-semibold-webfont.392d12d.woff2 bernardoballester.com/nu/evri/evv_assetz/fonts/	19 KB 20 KB	102ms 101ms	Font font/woff2	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/fonts/poppins-semibold-webfont.392d12d.woff2 Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evv_assetz/css/c2077bd.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `067b66273ba2a156d2f6ca5529e4aeb9949408e47e06bd2d38e2093edc3bbab1` Request headers Referer https://bernardoballester.com/nu/evri/evv_assetz/css/c2077bd.css Origin https://bernardoballester.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-4d74" content-type font/woff2
GET H2	200	poppins-regular-webfont.7930357.woff2 bernardoballester.com/nu/evri/evv_assetz/fonts/	19 KB 19 KB	102ms 102ms	Font font/woff2	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/fonts/poppins-regular-webfont.7930357.woff2 Requested by Host: bernardoballester.com URL: https://bernardoballester.com/nu/evri/evv_assetz/css/c2077bd.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `5805b5c786e9d2a4ef962597ae6f2ad133b015b182ab5ff0747e1ae373a20c26` Request headers Referer https://bernardoballester.com/nu/evri/evv_assetz/css/c2077bd.css Origin https://bernardoballester.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-4cd0" content-type font/woff2
GET H2	200	d9d833c5-7e4f-479f-bf68-52d33b648f94_track-landing.svg bernardoballester.com/nu/evri/evv_assetz/img/	7 KB 4 KB	96ms 95ms	Image image/svg+xml	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/d9d833c5-7e4f-479f-bf68-52d33b648f94_track-landing.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `c2cb70ff9dbbd78f4573e51c58643faf642eae63ee2bb8ef525c29053647bab7` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-1d8d" content-type image/svg+xml
GET H2	200	04410bfb-dbe7-4036-8ac9-9795932c4fbe_my-places.svg bernardoballester.com/nu/evri/evv_assetz/img/	2 KB 893 B	118ms 117ms	Image image/svg+xml	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/04410bfb-dbe7-4036-8ac9-9795932c4fbe_my-places.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `1e1aeafacba1cc56db1719fb59ff474a17c92a25431dec9151476012a0f6b96b` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-69e" content-type image/svg+xml
GET H2	200	c617b390-f0c4-46b4-80de-91649bd81367_divert-your-parcel.svg bernardoballester.com/nu/evri/evv_assetz/img/	11 KB 5 KB	119ms 117ms	Image image/svg+xml	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/c617b390-f0c4-46b4-80de-91649bd81367_divert-your-parcel.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `d8821e1bad4d7e8a329e2decb9229740b8e9446d8362063c629e55b9733b8490` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-2b36" content-type image/svg+xml
GET H2	200	0966996d-ba7a-4c24-a313-0a1671b3fb5a_need-help-tracking.svg bernardoballester.com/nu/evri/evv_assetz/img/	2 KB 1 KB	119ms 118ms	Image image/svg+xml	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/0966996d-ba7a-4c24-a313-0a1671b3fb5a_need-help-tracking.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `e290bdbff0b796f7f57499534d28ffb583fe6f8c6e45f56b3ce3da7244976275` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-756" content-type image/svg+xml
GET H2	200	9c7da113-f365-4237-a354-013bc51f4942_courier+holding+parcels+whole+walking+down+street.jpg bernardoballester.com/nu/evri/evv_assetz/img/	140 KB 140 KB	119ms 118ms	Image image/jpeg	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/9c7da113-f365-4237-a354-013bc51f4942_courier+holding+parcels+whole+walking+down+street.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `b098fd9c15a65107f902f2992c277043b866eb2402880c8ca5837eb4f870a25b` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx accept-ranges bytes etag "668fba57-22f2a" content-length 143146 content-type image/jpeg
GET H2	200	070fb904-68fe-40d8-a7c0-88e1b3e33e2f_Customer+using+app.jpg bernardoballester.com/nu/evri/evv_assetz/img/	213 KB 213 KB	178ms 177ms	Image image/jpeg	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/070fb904-68fe-40d8-a7c0-88e1b3e33e2f_Customer+using+app.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `0f23068adfcb216dd91d3f94e19eb86652afd5a8a31e0d47b77b944993e9ec54` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx accept-ranges bytes etag "668fba57-35459" content-length 218201 content-type image/jpeg
GET H2	200	0a4cb457-32eb-4ca9-bc8c-7e73bae98e53_courier+scanning+parcel+with+smartphone+outdoors.jpg bernardoballester.com/nu/evri/evv_assetz/img/	163 KB 164 KB	188ms 187ms	Image image/jpeg	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/0a4cb457-32eb-4ca9-bc8c-7e73bae98e53_courier+scanning+parcel+with+smartphone+outdoors.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `06e065bab5a4cb362d4d00864f36088f0053b372598f7a7ad7edbad73712112f` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx accept-ranges bytes etag "668fba57-28d61" content-length 167265 content-type image/jpeg
GET H2	200	favicon.ico bernardoballester.com/nu/evri/evv_assetz/img/	4 KB 1 KB	187ms 186ms	Other image/x-icon	213.158.93.12 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://bernardoballester.com/nu/evri/evv_assetz/img/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.158.93.12 , Italy, ASN34762 (COMBELL-AS, BE), Reverse DNS 213.158.93.12.static.teamblue-ops.net Software nginx / Resource Hash `ffb81e3b15f8ac3722236fb7793dc196c9e7ad850904d98b9c874aa61d9aab84` Request headers Referer https://bernardoballester.com/nu/evri/evPostcode.php?sslchannel=true&sessionid=oZkHbEqvFaaXQ9ErVhJsV3jecl12VyG7yBxbS9Bn8H0DPmStk9pPY1OX7oTM8oQZbBfHd39f0l5oDU4VADwcv9EP1sIQYCg1i2VGfFDS0lKVmJ0yPZ60GtiwghBJywV2B4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:01:16 GMT content-encoding br last-modified Thu, 11 Jul 2024 10:56:23 GMT server nginx etag W/"668fba57-10be" content-type image/x-icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Hermes (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ppt.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: qis584ng25knmf9qeko5sg16r0
aim-projects.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 70dde005b92d10ac88a496e5b1702c3d
leitzgo.ph/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8566193fd52a77ab125ec3d06a2a90eb
www.aaa.org.uy/	1969-12-31 23:59:59	Name: PHPSESSID Value: e250cc7f210152e4cc489721170d4459
bernardoballester.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: v526109v54aon5mrtnoegq6100

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aim-projects.com
bernardoballester.com
leitzgo.ph
ppt.cc
www.aaa.org.uy
204.44.192.34
213.158.93.12
216.218.206.61
59.120.118.168
66.165.234.210
067b66273ba2a156d2f6ca5529e4aeb9949408e47e06bd2d38e2093edc3bbab1
06e065bab5a4cb362d4d00864f36088f0053b372598f7a7ad7edbad73712112f
0f23068adfcb216dd91d3f94e19eb86652afd5a8a31e0d47b77b944993e9ec54
154373ff1eeba51fdb467428c9cf2d3e968ee102408c786e41ff01114fbf1f48
1e1aeafacba1cc56db1719fb59ff474a17c92a25431dec9151476012a0f6b96b
1e96dc039f74cd11bf5098a94bb5bf1476aa53d0653254da8d4062e2bb3aa4c9
26732190d7470ef90f27f0b4dddb5f9fd9e82c5c6aae6a233108383cc4c87f5f
349105090787437ba498fdfb21c48559b3834461bfff8282fbe2b0f278452c66
38159f6cbad6a5fe64ab38c7ccd2698810d77141378d6f617da357c41fadce7f
5805b5c786e9d2a4ef962597ae6f2ad133b015b182ab5ff0747e1ae373a20c26
63cdd20cbfcac91ad58c1a088889d0bd80970a7e5d15b7fd1894c2ee0ffcd782
68bfa84654289be09858a11e3aa032af1e48a31f3c2aeaff65a777130b573ba9
7f841ee26c544975d1d31f87ecbf2995c888b3f1ee7aed213a09bffd6818f1fd
b098fd9c15a65107f902f2992c277043b866eb2402880c8ca5837eb4f870a25b
c2cb70ff9dbbd78f4573e51c58643faf642eae63ee2bb8ef525c29053647bab7
c9ce5009171219035a75d24a565f1e3dbf5fe9a54823e4620779f9d5de76fdb5
ce6a1a1065dd43f61036e4df46e4c48ec93a64929f6f2906d8a51104921dfd9e
d8821e1bad4d7e8a329e2decb9229740b8e9446d8362063c629e55b9733b8490
e290bdbff0b796f7f57499534d28ffb583fe6f8c6e45f56b3ce3da7244976275
fb80823e63872a7b009f31f8151f0e1709a6dab4fd1064b67286907af6d38476
fc5353130a076a7ab678bdbc213fa9c539e4c9ab4be1e19fc284f55a08209723
ffb81e3b15f8ac3722236fb7793dc196c9e7ad850904d98b9c874aa61d9aab84

bernardoballester.com Open in urlscan Pro 213.158.93.12 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

1 IPs

4 Countries

613 kBTransfer

787 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

bernardoballester.com Open in urlscan Pro
213.158.93.12 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

1
IPs

4
Countries

613 kB
Transfer

787 kB
Size

5
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!