thespiritualtransformation.com Open in urlscan Pro
192.185.41.254 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3Fb9f8F
Effective URL:
https://thespiritualtransformation.com/
Submission: On November 12 via automatic, source phishtank (November 12th 2021, 10:11:39 am UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 192.185.41.254, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is thespiritualtransformation.com.
TLS certificate: Issued by R3 on October 3rd 2021. Valid for: 3 months.

This is the only time thespiritualtransformation.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Monte dei Paschi (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1	192.185.41.254 192.185.41.254	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
8	81.26.195.203 81.26.195.203	13018 (Banca Mon...) (Banca Monte Dei Paschi Di Siena)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.158.223.247 35.158.223.247	16509 (AMAZON-02) (AMAZON-02)
6	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
21	7

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.185.41.254 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: tex-care.net

thespiritualtransformation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 81.26.195.203 (Italy)

ASN13018 (Banca Monte Dei Paschi Di Siena, IT)
PTR: digital.mps.it

digital.mps.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.223.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-223-247.eu-central-1.compute.amazonaws.com

bootstrap.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

widget-v2.smartsuppcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	mps.it digital.mps.it	48 KB
6	smartsuppcdn.com widget-v2.smartsuppcdn.com	217 KB
2	smartsuppchat.com www.smartsuppchat.com bootstrap.smartsuppchat.com	8 KB
1	jquery.com code.jquery.com	33 KB
1	thespiritualtransformation.com thespiritualtransformation.com	41 KB
1	bit.ly 1 redirects bit.ly	258 B
21	6

	Domain	Requested by
8	digital.mps.it	thespiritualtransformation.com digital.mps.it
6	widget-v2.smartsuppcdn.com	www.smartsuppchat.com widget-v2.smartsuppcdn.com
1	bootstrap.smartsuppchat.com	www.smartsuppchat.com
1	www.smartsuppchat.com	thespiritualtransformation.com
1	code.jquery.com	thespiritualtransformation.com
1	thespiritualtransformation.com
1	bit.ly	1 redirects
21	7

This site contains links to these domains. Also see Links.

Domain
aziendaonline.mps.it
ib.mps.it
www.cartetitolari.mps.it
www.carteaziende.mps.it
www.mpshop.mps.it
www.mps.it

Subject Issuer	Validity	Valid
thespiritualtransformation.com R3	`2021-10-03` - `2022-01-01`	3 months	crt.sh
digital.mps.it Sectigo RSA Extended Validation Secure Server CA	`2020-03-25` - `2022-04-27`	2 years	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-02` - `2021-12-30`	a year	crt.sh
*.smartsuppcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-12-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://thespiritualtransformation.com/
Frame ID: 8FC60E6C272184A185C0B4B5EBE37DC9
Requests: 15 HTTP requests in this frame

Frame: https://digital.mps.it/login.html
Frame ID: 7E26035AC1B80B4CA452A760DAF8C4E0
Requests: 1 HTTP requests in this frame

Frame: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.a0d61be9.js
Frame ID: 61AEA8FEEECEA293C14E1BB611900D60
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banca MPS

Page URL History Show full URLs

https://bit.ly/3Fb9f8F HTTP 301
https://thespiritualtransformation.com/ Page URL

Page Statistics

21
Requests

86 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

346 kB
Transfer

1164 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://aziendaonline.mps.it/
Title: PASKEY AZIENDAONLINE Corporate banking

Search URL Search Domain Scan URL

URL: https://aziendaonline.mps.it/tesorerie
Title: PASKEY TESORERIA ONLINE E TRIBUNALI ONLINE Enti e istituzioni

Search URL Search Domain Scan URL

URL: https://ib.mps.it/web/ib/login
Title: PASKEY INTERNET BANKING Vecchia piattaforma

Search URL Search Domain Scan URL

URL: https://www.cartetitolari.mps.it/portaleTitolari/titolari.html
Title: PORTALE CARTA MONTEPASCHI TITOLARI

Search URL Search Domain Scan URL

URL: https://www.carteaziende.mps.it/portal/server.pt
Title: PORTALE CARTA MONTEPASCHI AZIENDE

Search URL Search Domain Scan URL

URL: https://www.mpshop.mps.it/portal/server.pt
Title: PORTALE ESERCENTI

Search URL Search Domain Scan URL

URL: https://www.mps.it/carte-pos/Pagine/saldo-carte-prepagate.aspx
Title: SALDO CARTA PREPAGATA

Search URL Search Domain Scan URL

URL: https://www.mps.it/sicurezza/Pagine/default.aspx
Title: DIFENDITI DALLE TRUFFE

Search URL Search Domain Scan URL

URL: https://ib.mps.it/
Title: HAI BISOGNO DI AIUTO?

Search URL Search Domain Scan URL

URL: https://www.mps.it/informazioni-legali/Pagine/default.aspx
Title: Banca Monte dei Paschi di Siena S.p.A. GRUPPO IVA MPS - Partita IVA 01483500524

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3Fb9f8F HTTP 301
https://thespiritualtransformation.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thespiritualtransformation.com/
Redirect Chain

https://bit.ly/3Fb9f8F
https://thespiritualtransformation.com/

181 KB
41 KB

477ms
188ms

Document
text/html

192.185.41.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://thespiritualtransformation.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.41.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

tex-care.net

Software

Apache /

Resource Hash

fbada2455fee9aca709cc4d9fc879bca09ae9df11ea93a39b0b9783277f43c40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 12 Nov 2021 10:11:35 GMT
server: Apache
content-type: text/html
last-modified: Wed, 11 Nov 2020 06:10:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-server-cache: false

Redirect headers

server: nginx
date: Fri, 12 Nov 2021 10:11:34 GMT
content-type: text/html; charset=utf-8
content-length: 126
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://thespiritualtransformation.com/
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK w.login.digitalBanking.min.css
digital.mps.it/cmn/assets/css/catalogo/ 47 KB
11 KB 223ms
39ms Stylesheet
text/css 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to

Full URL

https://digital.mps.it/cmn/assets/css/catalogo/w.login.digitalBanking.min.css?vers=1131606

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

7b487c27e8f58205e6365f7eb2201d9b33c0708ce8580abdce450e3be84e9fdb

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 10:11:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
X-Original-Content-Length: 47636
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 9604
X-Xss-Protection: 1; mode=block
Access-Control-Allow-Headers: Content-Type
Last-Modified: Tue, 28 Sep 2021 13:06:00 GMT
X-Frame-Options: SAMEORIGIN
Etag: W/"PSA-FVzCgDKGRW"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=2592000
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Sun, 12 Dec 2021 09:41:41 GMT

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 62ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 10:11:35 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1762a"
vary: Accept-Encoding
x-hw: 1636711895.dop203.ml1.t,1636711895.cds220.ml1.hn,1636711895.cds209.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H/1.1 200
OK jquery-ext.js Show response
digital.mps.it/cmn/assets/js/ 25 KB
11 KB 222ms
38ms Script
text/javascript 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to

Full URL

https://digital.mps.it/cmn/assets/js/jquery-ext.js?vers=1131606

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

4cc5538409245f39f02560f6819be202d962c4dc0920ed4d8004571e1af8faa4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 10:11:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
X-Original-Content-Length: 25288
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 9429
X-Xss-Protection: 1; mode=block
Access-Control-Allow-Headers: Content-Type
Last-Modified: Tue, 28 Sep 2021 13:06:40 GMT
X-Frame-Options: SAMEORIGIN
Etag: W/"PSA-lw9dKP2uKY"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=2592000
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Sun, 12 Dec 2021 09:58:02 GMT

GET
H/1.1 200
OK iconaSpeechAssistantred.png
digital.mps.it/libs/img/loginBI/ 2 KB
4 KB 34ms
34ms Image
image/png 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital.mps.it/libs/img/loginBI/iconaSpeechAssistantred.png

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

d46dda2fab1d8fe763cec3ef41291116c4df2667bdb89448b37fbc342249924a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 12 Nov 2021 10:11:35 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Xss-Protection: 1; mode=block
Cache-Control: max-age=2590764
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 2394
Etag: W/"PSA-aj-ym2Ym0rtFb"
Keep-Alive: timeout=15, max=100
Expires: Sun, 12 Dec 2021 09:51:00 GMT

GET
H/1.1 200
OK login.html
digital.mps.it/ Frame 7E26 0
0 42ms
42ms Document
text/html 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to

Full URL

https://digital.mps.it/login.html

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/

Response headers

Date: Fri, 12 Nov 2021 10:11:35 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
X-Mod-Pagespeed: 1.11.33.2-0
Cache-Control: max-age=0, no-cache
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Access-Control-Allow-Headers: Content-Type
Content-Length: 13
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK montedeipaschi_logo_hd.png
digital.mps.it/libs/img/ 11 KB
12 KB 57ms
42ms Image
image/jpeg 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital.mps.it/libs/img/montedeipaschi_logo_hd.png

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

0a0c6433b58c72136375414d6f7a6a511932eeaac396f7c0991a2b953fa2eaaa

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 12 Nov 2021 10:11:35 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Xss-Protection: 1; mode=block
Cache-Control: max-age=2589844
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 10960
Etag: W/"PSA-aj-I0rwWqEAus"
Keep-Alive: timeout=15, max=100
Expires: Sun, 12 Dec 2021 09:35:40 GMT

GET text-security-disc.woff2
digital.mps.it/cmn/font/ 0
0

GET
H/1.1 200
OK info%20tooltip_UI.svg
digital.mps.it/cmn/assets/icons/catalogo/ 999 B
3 KB 38ms
37ms Image
image/svg+xml 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital.mps.it/cmn/assets/icons/catalogo/info%20tooltip_UI.svg

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

9c9b26055379437522e81d6ad02ec43de51199f7ee3ad2fb8a7f6ab3a44efccf

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 10:11:35 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 999
X-Xss-Protection: 1; mode=block
Access-Control-Allow-Headers: Content-Type
Last-Modified: Tue, 28 Sep 2021 13:04:46 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Sun, 12 Dec 2021 10:11:35 GMT

GET
H/1.1 200
OK ico_carte.svg
digital.mps.it/libs/img/loginBI/ 1 KB
3 KB 31ms
31ms Image
image/svg+xml 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital.mps.it/libs/img/loginBI/ico_carte.svg

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

b989e87444353500fa31829b5814b69d053f5e5553bfff4fcb26a38f76e0f08e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 10:11:35 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 1330
X-Xss-Protection: 1; mode=block
Access-Control-Allow-Headers: Content-Type
Last-Modified: Tue, 28 Sep 2021 13:05:28 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Expires: Sun, 12 Dec 2021 10:11:35 GMT

GET
H/1.1 200
OK ico_informazioni.svg
digital.mps.it/libs/img/loginBI/ 2 KB
4 KB 66ms
47ms Image
image/svg+xml 81.26.195.203
Banca Monte Dei P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital.mps.it/libs/img/loginBI/ico_informazioni.svg

Requested by

Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),

Reverse DNS

digital.mps.it

Software

Resource Hash

0723be3bac2e41d6d7aa267af24f45a7240d74ead82a130765f83fc6fbf19723

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 10:11:35 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 2448
X-Xss-Protection: 1; mode=block
Access-Control-Allow-Headers: Content-Type
Last-Modified: Tue, 28 Sep 2021 13:05:27 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com https://zncveh3lu3fyce1re-mps.siteintercept.qualtrics.com;
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Sun, 12 Dec 2021 10:11:35 GMT

GET
H2 200 loader.js Show response
www.smartsuppchat.com/ 22 KB
7 KB 44ms
13ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.smartsuppchat.com/loader.js?
Requested by: Host: thespiritualtransformation.com
URL: https://thespiritualtransformation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0a1fe617ca1de2aeb75c6be7a632e41e62bff7bbb680dd81c91ba4d0b9b65f62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-nzt: AcO1ryxfDtv/DQAAAA==
x-accel-expires: @1636711942
date: Fri, 12 Nov 2021 10:11:35 GMT
content-encoding: br
etag: W/"6141f7bc-56e8"
last-modified: Wed, 15 Sep 2021 13:40:12 GMT
server: CDN77-Turbo
x-77-nzt-ray: cfm1cfBce8Q=
x-77-cache: HIT
content-type: application/javascript
cache-control: max-age=300, public, s-maxage=60
x-cache: HIT
x-age: 13
x-77-pop: frankfurtDE
expires: Wed, 15 Sep 2021 13:45:35 GMT

GET
H2 200 76c55fb536a8a3965c8cd8c28546bd2c38f6704f.json Show response
bootstrap.smartsuppchat.com/widget/ 909 B
1 KB 28ms
10ms XHR
application/json 35.158.223.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.smartsuppchat.com/widget/76c55fb536a8a3965c8cd8c28546bd2c38f6704f.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.223.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-223-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 417d265ce08f6c92bcc81ca3ecac4ae5fdda347e41ee667bb02061ced0256356

Request headers

Referer: https://thespiritualtransformation.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-version: dd7aa3fd74890dee45e641d61fd476758d95b5cd
date: Fri, 12 Nov 2021 10:11:35 GMT
x-hit: redis
etag: "38d-Ga0F4g8l9lvbyhAFCHWgTFEEymw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate
content-length: 909

GET text-security-disc.woff
digital.mps.it/cmn/font/ 0
0

GET
H2 200 asset-manifest.json Show response
widget-v2.smartsuppcdn.com/ 2 KB
673 B 46ms
13ms XHR
application/json 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/asset-manifest.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 95805bdc82382a9d54ddf70102a6a3480726f312321901791dcff076147a6843

Request headers

Referer: https://thespiritualtransformation.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-77-pop: frankfurtDE
date: Fri, 12 Nov 2021 10:11:35 GMT
content-encoding: br
x-77-nzt-ray: vq2Ui22B9UM=
x-77-cache: HIT
x-cache: HIT
x-age: 17
x-77-nzt: AcO1ry/QMBL/EQAAAA==
x-accel-expires: @1636711938
last-modified: Thu, 11 Nov 2021 10:23:59 GMT
server: CDN77-Turbo
etag: W/"618cef3f-68e"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300, public, s-maxage=60
expires: Thu, 11 Nov 2021 14:38:50 GMT

GET text-security-disc.ttf
digital.mps.it/cmn/font/ 0
0

GET
H2 200 runtime-main.a0d61be9.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame 61AE 2 KB
2 KB 46ms
13ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.a0d61be9.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d73c3970a761eacca1dd14394fd35e995e593778904467a8399b5a5206fd462f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 12 Nov 2021 10:11:35 GMT
content-encoding: br
x-77-nzt-ray: OtWMLI/822g=
x-77-cache: HIT
x-cache: HIT
x-age: 70672
x-77-nzt: AcO1ry+P/6//EBQBAA==
x-accel-expires: @1668177223
last-modified: Thu, 11 Nov 2021 10:23:59 GMT
server: CDN77-Turbo
etag: W/"618cef3f-98f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Fri, 11 Nov 2022 14:33:43 GMT

GET
H2 200 3.201aef52.chunk.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame 61AE 656 KB
185 KB 96ms
65ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/3.201aef52.chunk.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2063fcb6a2b12afab7731aad602ea0919b55ede9454efd07adc885d52504a731

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 12 Nov 2021 10:11:35 GMT
content-encoding: br
x-77-nzt-ray: THruKKwskSM=
x-77-cache: HIT
x-cache: HIT
x-age: 70672
x-77-nzt: AcO1ry+Kxm3/EBQBAA==
x-accel-expires: @1668177223
last-modified: Thu, 11 Nov 2021 10:23:59 GMT
server: CDN77-Turbo
etag: W/"618cef3f-a3f89"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Fri, 11 Nov 2022 14:33:43 GMT

GET
H2 200 main.902fd200.chunk.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame 61AE 109 KB
25 KB 53ms
22ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/main.902fd200.chunk.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3b37ec4daf318d744d82f6c2f28a3557476f0015a870541247f33d14f63fa533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 12 Nov 2021 10:11:35 GMT
content-encoding: br
x-77-nzt-ray: 8kcSi4osoQU=
x-77-cache: HIT
x-cache: HIT
x-age: 70672
x-77-nzt: AcO1ry/T/Ev/EBQBAA==
x-accel-expires: @1668177223
last-modified: Thu, 11 Nov 2021 10:23:59 GMT
server: CDN77-Turbo
etag: W/"618cef3f-1b3cf"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Fri, 11 Nov 2022 14:33:43 GMT

GET
H2 200 it.json Show response
widget-v2.smartsuppcdn.com/translates/ Frame 61AE 4 KB
2 KB 14ms
14ms Fetch
application/json 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/translates/it.json?v=0dad9309d9ce98616de4e65d7ed2174f405b6862
Requested by: Host: widget-v2.smartsuppcdn.com
URL: https://widget-v2.smartsuppcdn.com/static/js/main.902fd200.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2593767f26b59e685fd943be61ea5298ae7a1380018ac18c3d15c470f32365ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 12 Nov 2021 10:11:36 GMT
content-encoding: br
x-77-nzt-ray: NIDpt95tauk=
x-77-cache: HIT
x-cache: HIT
x-age: 70632
x-77-nzt: AcO1ry/RpDL/6BMBAA==
x-accel-expires: @1668177264
last-modified: Thu, 11 Nov 2021 10:23:03 GMT
server: CDN77-Turbo
etag: W/"618cef07-10e5"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Fri, 11 Nov 2022 14:34:24 GMT

GET
H2 200 en.json Show response
widget-v2.smartsuppcdn.com/translates/ Frame 61AE 4 KB
2 KB 15ms
14ms Fetch
application/json 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/translates/en.json?v=0dad9309d9ce98616de4e65d7ed2174f405b6862
Requested by: Host: widget-v2.smartsuppcdn.com
URL: https://widget-v2.smartsuppcdn.com/static/js/main.902fd200.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ea85a751f2df2b38b58d4687ebefcb0c3387559e861e34d75a7e63084868e517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thespiritualtransformation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 12 Nov 2021 10:11:36 GMT
content-encoding: br
x-77-nzt-ray: /Ciat/OhznA=
x-77-cache: HIT
x-cache: HIT
x-age: 70665
x-77-nzt: AcO1ry9mtR7/CRQBAA==
x-accel-expires: @1668177231
last-modified: Thu, 11 Nov 2021 10:23:03 GMT
server: CDN77-Turbo
etag: W/"618cef07-f8a"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Fri, 11 Nov 2022 14:33:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: digital.mps.it
URL: https://digital.mps.it/cmn/font/text-security-disc.woff2

Domain: digital.mps.it
URL: https://digital.mps.it/cmn/font/text-security-disc.woff

Domain: digital.mps.it
URL: https://digital.mps.it/cmn/font/text-security-disc.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Monte dei Paschi (Banking)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 02:57:43	Name: _bit Value: lacaby-66e3be455233b4d5e0-00k
thespiritualtransformation.com/	1970-01-20 03:00:36	Name: ssupp.vid Value: viTlaSfcULtz
thespiritualtransformation.com/	1970-01-20 03:00:36	Name: ssupp.visits Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://digital.mps.it/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript	error	URL: https://thespiritualtransformation.com/ Message: Access to font at 'https://digital.mps.it/cmn/font/text-security-disc.woff2' from origin 'https://thespiritualtransformation.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digital.mps.it/cmn/font/text-security-disc.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://thespiritualtransformation.com/ Message: Access to font at 'https://digital.mps.it/cmn/font/text-security-disc.woff' from origin 'https://thespiritualtransformation.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digital.mps.it/cmn/font/text-security-disc.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://thespiritualtransformation.com/ Message: Access to font at 'https://digital.mps.it/cmn/font/text-security-disc.ttf' from origin 'https://thespiritualtransformation.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digital.mps.it/cmn/font/text-security-disc.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
bootstrap.smartsuppchat.com
code.jquery.com
digital.mps.it
thespiritualtransformation.com
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
digital.mps.it
192.185.41.254
2001:4de0:ac18::1:a:1a
2a02:6ea0:c700::1
2a02:6ea0:c700::2
35.158.223.247
67.199.248.10
81.26.195.203
0723be3bac2e41d6d7aa267af24f45a7240d74ead82a130765f83fc6fbf19723
0a0c6433b58c72136375414d6f7a6a511932eeaac396f7c0991a2b953fa2eaaa
0a1fe617ca1de2aeb75c6be7a632e41e62bff7bbb680dd81c91ba4d0b9b65f62
2063fcb6a2b12afab7731aad602ea0919b55ede9454efd07adc885d52504a731
2593767f26b59e685fd943be61ea5298ae7a1380018ac18c3d15c470f32365ef
3b37ec4daf318d744d82f6c2f28a3557476f0015a870541247f33d14f63fa533
417d265ce08f6c92bcc81ca3ecac4ae5fdda347e41ee667bb02061ced0256356
4cc5538409245f39f02560f6819be202d962c4dc0920ed4d8004571e1af8faa4
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
7b487c27e8f58205e6365f7eb2201d9b33c0708ce8580abdce450e3be84e9fdb
95805bdc82382a9d54ddf70102a6a3480726f312321901791dcff076147a6843
9c9b26055379437522e81d6ad02ec43de51199f7ee3ad2fb8a7f6ab3a44efccf
b989e87444353500fa31829b5814b69d053f5e5553bfff4fcb26a38f76e0f08e
d46dda2fab1d8fe763cec3ef41291116c4df2667bdb89448b37fbc342249924a
d73c3970a761eacca1dd14394fd35e995e593778904467a8399b5a5206fd462f
ea85a751f2df2b38b58d4687ebefcb0c3387559e861e34d75a7e63084868e517
fbada2455fee9aca709cc4d9fc879bca09ae9df11ea93a39b0b9783277f43c40

thespiritualtransformation.com Open in urlscan Pro 192.185.41.254 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

86 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

346 kBTransfer

1164 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

3 Cookies

7 Console Messages

Security Headers

Indicators

thespiritualtransformation.com Open in urlscan Pro
192.185.41.254 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

86 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

346 kB
Transfer

1164 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!