Overview

URL scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
IP 62.149.128.160
ASN AS31034 Aruba S.p.A.
Location Italy
Report completed 2019-05-21 19:44:31 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2019-05-21 19:43:58 CEST 1 Client IP  62.149.142.177 ET TROJAN Single char EXE direct download likely trojan (multiple families)


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-05-21 2 scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-includes/js/wp-emoji-release.min.js?ver=4.8.9 Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/plugins/contact-form-7/includes/css/ (...) Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/plugins/albo-pretorio-on-line/css/st (...) Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/plugins/albo-pretorio-on-line/css/jq (...) Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/themes/pasw2015/style.css?ver=4.8.9 Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/plugins/albo-pretorio-on-line/js/Alb (...) Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/plugins/contact-form-7/includes/js/s (...) Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-content/themes/pasw2015/js/pasw2015.js?ver=2 (...) Malware
2019-05-21 2 www.scientificovallo.gov.it/wp-includes/js/wp-embed.min.js?ver=4.8.9 Malware
DNS-BH  No alerts detected
mnemonic secure dns
Added / Verified Severity Host Comment
2019-05-21 2 scientificovallo.gov.it Blacklisted


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 62.149.128.160

Date UQ / IDS / BL URL IP
2019-06-19 08:19:56 +0200 0 - 0 - 0 accelleratedorthodontics.com 62.149.128.160
2019-06-12 08:39:45 +0200 0 - 0 - 0 https://consorziogragnanocittadellapasta.it 62.149.128.160
2019-06-10 18:26:21 +0200 0 - 0 - 2 studiosipro.com/Information 62.149.128.160
2019-06-09 10:07:50 +0200 0 - 2 - 2 si-soft.org/eng/withoutsystem.htm 62.149.128.160
2019-06-07 12:03:48 +0200 0 - 0 - 3 si-soft.org/pdf/listinocorsionline.pdf 62.149.128.160
2019-06-06 22:00:08 +0200 0 - 0 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.160
2019-06-06 04:21:25 +0200 0 - 2 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.160
2019-06-05 21:52:37 +0200 0 - 1 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.160
2019-06-05 17:49:30 +0200 0 - 0 - 1 solinfocas.com/clasicos/docs/drspj15/usuario/ (...) 62.149.128.160
2019-06-05 16:11:42 +0200 0 - 0 - 1 mascherenere.it/Invoice-for-you 62.149.128.160

Last 10 reports on ASN: AS31034 Aruba S.p.A.

Date UQ / IDS / BL URL IP
2019-06-19 12:15:20 +0200 0 - 0 - 0 www.web121.it/ 80.88.86.8
2019-06-19 11:43:40 +0200 0 - 0 - 0 www.rifomet.net/ 62.149.140.142
2019-06-19 08:19:56 +0200 0 - 0 - 0 accelleratedorthodontics.com 62.149.128.160
2019-06-18 19:59:03 +0200 0 - 0 - 0 www.eroticiracconti.it 5.249.157.234
2019-06-17 23:46:07 +0200 0 - 0 - 0 firstfamilygroup.ru 95.110.232.65
2019-06-17 22:18:02 +0200 0 - 0 - 0 www.laruotainternazionale.it/ 31.11.33.33
2019-06-17 20:37:00 +0200 0 - 1 - 1 https://fastdrugsassist.su/ 95.110.232.65
2019-06-17 13:01:08 +0200 0 - 0 - 0 www.safehomeitaly.it 89.46.106.85
2019-06-17 12:40:24 +0200 0 - 0 - 0 89.36.222.85 89.36.222.85
2019-06-15 08:04:38 +0200 0 - 0 - 0 herbalbestoutlet.ru/ 95.110.232.65

Last 10 reports on domain: scientificovallo.gov.it

Date UQ / IDS / BL URL IP
2019-06-06 22:00:08 +0200 0 - 0 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.160
2019-06-06 07:44:14 +0200 0 - 0 - 54 scientificovallo.gov.it/invoicen110645323.zip 62.149.128.157
2019-06-06 04:21:25 +0200 0 - 2 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.160
2019-06-06 04:07:17 +0200 0 - 0 - 54 scientificovallo.gov.it/pdffullinformation.zip 62.149.128.154
2019-06-05 22:02:27 +0200 0 - 0 - 54 scientificovallo.gov.it/repayment_id_43567901 (...) 62.149.128.154
2019-06-05 21:54:54 +0200 0 - 0 - 54 scientificovallo.gov.it/debtid34876563352pdf.zip 62.149.128.154
2019-06-05 21:53:26 +0200 0 - 0 - 54 scientificovallo.gov.it/order938091023.zip 62.149.128.157
2019-06-05 21:52:37 +0200 0 - 1 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.160
2019-06-05 17:52:50 +0200 0 - 1 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.151
2019-06-05 17:41:31 +0200 0 - 1 - 54 scientificovallo.gov.it/wp-content/plugins/pa (...) 62.149.128.157


JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (45)


Request Response
                                        
GET /wp-content/plugins/pafacile/rechung/1.exe HTTP/1.1
Host: scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
62.149.128.151
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 21 May 2019 17:43:57 GMT
Server: Apache
Location: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Content-Length: 284
Connection: close


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   284
Md5:    9895e29381214a66c4111c0b0e6ccec5
Sha1:   84407c9c76024d2c58933b43db559962857b39f3
Sha256: 784e54954d49de3cea28cbee462d08f121efa82122a66b8439712ed43801991d

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/plugins/pafacile/rechung/1.exe HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
62.149.142.177
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 May 2019 17:43:57 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.scientificovallo.gov.it/wp-json/>; rel="https://api.w.org/"
Set-Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae; path=/
Upgrade: h2
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   27072
Md5:    927122d194baed2aa58406ccefbcee38
Sha1:   8a5128a046dc31e0bcac471f14ffe3f0725191cc
Sha256: a5042ca43d2ec3e666293b566e813a79fa0ff92e41192b26767067a9c5a6c56d

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
  IDS:
    - ET TROJAN Single char EXE direct download likely trojan (multiple families)
                                        
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.8.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:25:34 GMT
Etag: "2e8b-55a293641e380"
Accept-Ranges: bytes
Content-Length: 11915
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   11915
Md5:    af2f44df3198cfda9fd515873696ad00
Sha1:   cc583f436ea6bdb172ce36105a676e2081065638
Sha256: dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 27 Sep 2017 10:29:12 GMT
Etag: "646-55a2943404e00"
Accept-Ranges: bytes
Content-Length: 1606
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII text
Size:   1606
Md5:    7d5d92ddcbe33c91355c20a1d35e7a95
Sha1:   1843e6911072990d2193279a299c9f70523ed553
Sha256: e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/themes/pasw2015/print.css HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 18 Sep 2017 10:42:42 GMT
Etag: "1640-5597466f58c80"
Accept-Ranges: bytes
Content-Length: 5696
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII C program text
Size:   5696
Md5:    c7179574ff8c038c586718e347f57226
Sha1:   253f87b187e8b864793fffd6a6f5315304013448
Sha256: 967a6f74a4533a848ba0cf9e6c5c36916cd56fa7c2122644dce7cd7a0b6fdd30

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/plugins/albo-pretorio-on-line/css/style.css?ver=4.8.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Last-Modified: Mon, 28 Aug 2017 12:16:45 GMT
Etag: "c2c-557cf44a40540"
Accept-Ranges: bytes
Content-Length: 3116
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3116
Md5:    1879d3cfa5e0d2f624bef328623343f7
Sha1:   766d636fdfcfdeaf7e017b5f5104b3aa12288b0f
Sha256: ac231886ce8918ac49318af099aa43600d3091dce9b89facff8af776738d24a5

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/themes/pasw2015/font/css/font-awesome.min.css HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 18 Sep 2017 10:42:41 GMT
Etag: "6b4a-5597466e64a40"
Accept-Ranges: bytes
Content-Length: 27466
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   27466
Md5:    4fbd15cb6047af93373f4f895639c8bf
Sha1:   12d6861075de8e293265ff6ff03b1f3adcb44c76
Sha256: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/plugins/albo-pretorio-on-line/css/jquery-ui-custom.css?ver=4.8.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 28 Aug 2017 12:16:45 GMT
Etag: "6591-557cf44a40540"
Accept-Ranges: bytes
Content-Length: 26001
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII text
Size:   26001
Md5:    d870bcebf532c83e096935e6be0f0547
Sha1:   26b54c56858e6522caa0d35417711c9ae288f1c7
Sha256: c1fdd5ba739a267278377dd50baa77b6c4c93bb06f5738dd029bd7f395c2eb94

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/themes/pasw2015/style.css?ver=4.8.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 18 Sep 2017 10:42:42 GMT
Etag: "727a-5597466f58c80"
Accept-Ranges: bytes
Content-Length: 29306
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C program text
Size:   29306
Md5:    27265af93e7a96173768b350abd684fc
Sha1:   b476688556dd148d1bdcb87b3802f1b59389a439
Sha256: 824746e96897da0c727f88651c83eab6a6651c78017648fdc6c8a13ea4c86c31

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:58 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:25:34 GMT
Etag: "17ba0-55a293641e380"
Accept-Ranges: bytes
Content-Length: 97184
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   97184
Md5:    8610f03fe77640dee8c4cc924e060f12
Sha1:   076524186dbbdd4c41afbbd6b260d9e46a095811
Sha256: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 May 2019 17:43:59 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    212ca4c755d4f4c0c15e78a70362bbaa
Sha1:   95582a0969562b958700d7be27da19f2005aed02
Sha256: 5f5221d5674c41ca3997b741627b88d99696426442a0b957806cba4e5d8a3bed
                                        
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 May 2019 17:43:59 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    5be872b3fe0bb6f31385f91f811e9586
Sha1:   1192231bcb9ee73e9f619d433cdb66dddd9ae7f7
Sha256: db0ad6191770bff9043482b68acf62a4e25d4390a03274cfbe413675dd8c9cf5
                                        
GET /css?family=Titillium+Web HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/themes/pasw2015/style.css?ver=4.8.9

                                         
216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 21 May 2019 17:43:59 GMT
Date: Tue, 21 May 2019 17:43:59 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   211
Md5:    d47d8d3d9c79185ee25fd9f52f4530f9
Sha1:   15135dd7a6e03cc47ee428d708aa24ab23534ddf
Sha256: 6eaf4316e0e2e8024d4b368e8fad07536312946f788847ed30d273056a6aa9a6
                                        
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:25:33 GMT
Etag: "1afc-55a293632a140"
Accept-Ranges: bytes
Content-Length: 6908
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   6908
Md5:    8cf7f36bbd79bc0664b6113f7a7837fe
Sha1:   ede1f6fe3d18a0685b30c6d465686de7870f578f
Sha256: 38a448e9e03a9f64e7611b19af4bb8ec97fde2c708dc57ebbc7701be7ae3af08

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:25:34 GMT
Etag: "2748-55a293641e380"
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:25:33 GMT
Etag: "fa0-55a293632a140"
Accept-Ranges: bytes
Content-Length: 4000
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   4000
Md5:    9ce4e157448487d4efe0ca538f656a71
Sha1:   45d22de723a97ca19cddd4fb792e339b5fab5c50
Sha256: 936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:25:33 GMT
Etag: "2f4e-55a293632a140"
Accept-Ranges: bytes
Content-Length: 12110
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   12110
Md5:    5330c83425ab1b8f67ce63f741427adb
Sha1:   81405db33a325f50572b47ed0e854052b7241612
Sha256: 429f6b7a5802c15145bddd69b400dae34b814eebd42ea1a32934c9a55a159391

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/plugins/albo-pretorio-on-line/js/Albo.jquery.tabs.js?ver=4.8.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Mon, 28 Aug 2017 12:16:45 GMT
Etag: "156-557cf44a40540"
Accept-Ranges: bytes
Content-Length: 342
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   342
Md5:    d52a25b42c4185c416465acd82d4a9d5
Sha1:   98ff9f9748619ad27c242dfb5244fdf5b22378c4
Sha256: 9c38648197c7d8b7e77efaf1598a543c2ba8e43a497e26fd1e82ad95eb1dc188

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/plugins/post-notif/public/js/post-notif-public.min.js?ver=1.1.4 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sun, 10 Sep 2017 13:05:41 GMT
Etag: "e4-558d57793b340"
Accept-Ranges: bytes
Content-Length: 228
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   228
Md5:    bf9da1ca5886f9d7bde1a46ecbf630ca
Sha1:   18e23a0610e11fa0ad948f338d44b9c190117eb2
Sha256: e59cf21347e922ce3cb3ff3b5f0a93e9518943b68462d581b11529e17f71769e

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/plugins/post-notif/includes/js/widget.min.js?ver=4.8.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sun, 10 Sep 2017 13:05:41 GMT
Etag: "3d8-558d57793b340"
Accept-Ranges: bytes
Content-Length: 984
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   984
Md5:    2c515f8f2b3fc5bd6051ac55849da672
Sha1:   8adda4215b0937af1db3027b9fb6e6058430a00d
Sha256: d762b9d4e4c4eb7b2774a84f21c433af3938e0af5b1c42aa11efe1f3a2a40d04

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:29:12 GMT
Etag: "3654-55a2943404e00"
Accept-Ranges: bytes
Content-Length: 13908
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   13908
Md5:    760f1701aad76d6a4548ce5c39dc4992
Sha1:   223ebe0dc172040e5cbbf0f73e03982b5d7858d4
Sha256: f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

GET /wp-content/themes/pasw2015/js/pasw2015.js?ver=20151227 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Mon, 18 Sep 2017 10:42:42 GMT
Etag: "29a-5597466f58c80"
Accept-Ranges: bytes
Content-Length: 666
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   666
Md5:    3e3959615daaf248d515605fb8291cc9
Sha1:   0cc39a9a4708f6b627178c99e8152bd4861120c3
Sha256: cd4507f53fbfd8b2091bcce1aec92c81052c1e64e2586877fd1eca745316f629

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/07/pon2014-2020.jpg HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Mon, 11 Jul 2016 20:31:11 GMT
Etag: "2830-53762086961c0"
Accept-Ranges: bytes
Content-Length: 10288
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   10288
Md5:    f4ded5b3b6b73fa14d37b0c6fb8efe03
Sha1:   d3e8dd30987ffecc5a58faea008e4f572ebf0b30
Sha256: e82770d43dc3845157055a1575d24f94b9e347fdd7eca5ded6123f522fef507f

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-includes/js/wp-embed.min.js?ver=4.8.9 HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 10:25:34 GMT
Etag: "576-55a293641e380"
Accept-Ranges: bytes
Content-Length: 1398
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   1398
Md5:    5a03f97cc479b9f5d7efdaccec31bc17
Sha1:   54518be91b7c5d4b139e032d23ffae568cc7e9fd
Sha256: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/03/logo_scuola_digitale2.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 22:38:51 GMT
Etag: "3244-52d40c77454c0"
Accept-Ranges: bytes
Content-Length: 12868
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 279 x 208, 8-bit/color RGBA, non-interlaced
Size:   12868
Md5:    a60ed9bbf7678e92d4153dc0514126a5
Sha1:   3542b0607006212217edb24a52fe44d2cec74d60
Sha256: be90bd8d0b0bf7c303411e0e48a9c314209d403cb85de44e439fecc6a5e60511

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2018/07/stem.gif HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Tue, 10 Jul 2018 11:26:56 GMT
Etag: "7f20-570a3685a93b2"
Accept-Ranges: bytes
Content-Length: 32544
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 300
Size:   32544
Md5:    c3226219b570024bf8df975ccc285b72
Sha1:   8fe01c751aba72c2824697def2fe942e2d032580
Sha256: a5c98186d13739151a59958cee0461211a5865be0c7d6f1ab437d16f3359b75e

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/01/cropped-logo_scientifico.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2016 23:28:26 GMT
Etag: "f897-52a1ccf203a80"
Accept-Ranges: bytes
Content-Length: 63639
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 512 x 512, 8-bit/color RGBA, non-interlaced
Size:   63639
Md5:    10275dd9638af825a297650003e279b2
Sha1:   bd65bd7672bc5c39cc4bdc2c93d2b63816bd59c5
Sha256: ed03f65dffde331187abd184778da9a1b3f0510c4050d7c95efb92b2ea318769

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2017/01/alternanza-scuola-lavoro_logo.jpg HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Fri, 27 Jan 2017 08:14:11 GMT
Etag: "8e42-5470f0cf4bac0"
Accept-Ranges: bytes
Content-Length: 36418
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   36418
Md5:    1ae21e9831abfb0cecd0d6f49e4df217
Sha1:   5f64750c21a4d7b08bc2508ced4160b7b8a788e2
Sha256: ef73e0829b45ed0bd629525d4ad5921c772eda66c34704980207b72eb08e33f0

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2017/03/moodle_logo.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2017 19:19:20 GMT
Etag: "9892-54c0bafb85e00"
Accept-Ranges: bytes
Content-Length: 39058
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 300 x 233, 8-bit/color RGBA, non-interlaced
Size:   39058
Md5:    3ea34aced7ab63a69e40440aed6fdeab
Sha1:   acc24345d7bf3a27167324cfa9d0d88b89d683c3
Sha256: 91deb9470a56b7e5f59f78d41f4a90f62cd951a1e81c596494528fa3d5daef12

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2018/06/coppe-oro-argento-bronzo-300x180.jpg HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sat, 02 Jun 2018 07:40:39 GMT
Etag: "5c2d-56da3d121c96e"
Accept-Ranges: bytes
Content-Length: 23597
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   23597
Md5:    134453676ae4ab2cb82faff4b829f937
Sha1:   5d9abba0bd584cf0bed200d729a222f64c3d6fe1
Sha256: 114ea091fc38fdedbb94b627dd81df6c7a400e5cb115c63de3e08ee29f14d90d

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/11/facebook-logo.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2016 10:01:19 GMT
Etag: "8d88-5408adf4419c0"
Accept-Ranges: bytes
Content-Length: 36232
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 2038 x 718, 8-bit/color RGBA, non-interlaced
Size:   36232
Md5:    4236b044d58b1845cad2017eca6782f4
Sha1:   3b13479c8dd4d7347c8a785d4c3b67056ea30629
Sha256: c53071bf727e5ad0ce58c186b972799666e6a9e3592adf4498ff3de141d93dda

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/themes/pasw2015/images/logopab.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Mon, 18 Sep 2017 10:42:41 GMT
Etag: "8ea-5597466e64a40"
Accept-Ranges: bytes
Content-Length: 2282
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 337 x 87, 8-bit colormap, non-interlaced
Size:   2282
Md5:    1d41d226149454fb436539e869da84cc
Sha1:   18ecf9560a6a2b821877ad45a570bd1a8a4f9b5b
Sha256: c16c441124b4016b3a1b420069b2056aae36be4045b9e6532bb75fa0e9c7019a

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/01/ScuolaNext_Genitori_Studenti.jpg HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Mon, 25 Jan 2016 10:50:54 GMT
Etag: "cb88-52a2657d11f80"
Accept-Ranges: bytes
Content-Length: 52104
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   52104
Md5:    fd484da3b974f4c832dfe71a8b5fa0c0
Sha1:   4347de1e3ecdbb5cdca4f9b7a676f6ff400186c7
Sha256: 0ba2627218d5bfdce196262ee3bf28cb6936a44a1453a3d87c8fca53a7cd2b8f

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/themes/pasw2015/images/search.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/themes/pasw2015/style.css?ver=4.8.9
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Mon, 18 Sep 2017 10:42:41 GMT
Etag: "211-5597466e64a40"
Accept-Ranges: bytes
Content-Length: 529
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 20 x 20, 8-bit/color RGBA, non-interlaced
Size:   529
Md5:    a6498bfeb6aa290620da289238786011
Sha1:   5bbc73b1d90656777e0b8c6321dee06127756a4a
Sha256: 6e502347664e06d41d1965337e69e2bd1343e77efc7715bb05f986c05f7c426e

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/06/cropped-Leo_disegno3-1.jpg HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2016 08:59:42 GMT
Etag: "c762-5353939c25b80"
Accept-Ranges: bytes
Content-Length: 51042
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   51042
Md5:    2a641a4700c157ebf58e518d18f5f320
Sha1:   d1e544cdbad1847f1cba7eef94f8ca3fc511d93a
Sha256: 685a55e2a742a0c4600bb9a9bc3302023dc976cf9a0647edaa0485c8b38544cb

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/themes/pasw2015/images/li_image.gif HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/themes/pasw2015/style.css?ver=4.8.9
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Mon, 18 Sep 2017 10:42:41 GMT
Etag: "36-5597466e64a40"
Accept-Ranges: bytes
Content-Length: 54
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 8 x 8
Size:   54
Md5:    e410b2f729c2087a0845b9a4dbd4a0ea
Sha1:   813b17a5a76e170d1bef8280c014e5c99b51aa43
Sha256: 1911d31e0992ca4993a85e25f7f16e38e5766a856117b62b23f2f5faa8c65297

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/11/logoScuolaViva.jpg HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sat, 26 Nov 2016 19:57:41 GMT
Etag: "22504-54239a6b4f740"
Accept-Ranges: bytes
Content-Length: 140548
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   140548
Md5:    07109b7a367ff76a1ac5f00bcdc81043
Sha1:   1fd163e4a0874d712bc485d665a765f4c7f30e9b
Sha256: 8bd517c823e3a8e1030dbb97f434756c9802520770fa731371d9db878730cbdc

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /wp-content/uploads/2016/01/cropped-logo_scientifico-192x192.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2016 23:28:26 GMT
Etag: "73b0-52a1ccf203a80"
Accept-Ranges: bytes
Content-Length: 29616
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 192 x 192, 8-bit/color RGBA, non-interlaced
Size:   29616
Md5:    4df31d966f40893a1829444798a59788
Sha1:   b7af6db61cee6ff83b1df1c24e84d07635cfc5a6
Sha256: 8cbd9fd5f6426f90138abecd029982295ce5d0af7e082771835ab7394372a543

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 May 2019 17:44:00 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    060591c6e1f425192c736e9c21d3903b
Sha1:   f1da8738e6505e223766235cd5b2cfd930be529a
Sha256: 5456603daa36c44856c54ea2341efadbb36368f2d84a02ab7b649d1e0d1683fb

GET /wp-content/uploads/2017/01/LavoriRagazzi.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Sun, 29 Jan 2017 22:16:17 GMT
Etag: "50237-547430c390e40"
Accept-Ranges: bytes
Content-Length: 328247
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 997 x 534, 8-bit/color RGB, non-interlaced
Size:   328247
Md5:    67068468bb281e06bf18dac560296b35
Sha1:   d452cda8437fb17b68c58eb99eca6990f425b4b8
Sha256: 668343accd7c869bfe51b93a9fd6bde76a4401e1eb431deee5f0236802abf8cb

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

GET /s/titilliumweb/v7/NaPecZTIAOhVxoMyOr9n_E7fdMPmCw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Titillium+Web
Origin: http://www.scientificovallo.gov.it

216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 16572
Date: Fri, 19 Apr 2019 15:31:24 GMT
Expires: Sat, 18 Apr 2020 15:31:24 GMT
Last-Modified: Tue, 19 Feb 2019 22:23:32 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 2772756
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   16572
Md5:    d8bc9340523c9d8c5c0faedca620dcff
Sha1:   f3ad6529555f105659ddfe942f5c2902c180463e
Sha256: 11c54a8e83547d7ec3af9960ab4c4b50af1ea2f4bab7f356a6a9a8d3f251c459

GET /wp-content/uploads/2017/10/leonardorienta.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Thu, 26 Oct 2017 14:05:20 GMT
Etag: "7595b-55c73a99a2800"
Accept-Ranges: bytes
Content-Length: 481627
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 890 x 598, 8-bit/color RGBA, non-interlaced
Size:   481627
Md5:    6d1bf0f01f47bea0bd6d9e7ae89ddf98
Sha1:   5f969189e64a68fb7cab9d367c5b2e1be424a010
Sha256: eb7c3fb91b11fc8bddffaf588c759d0e1d057357eba97f8532eabbbc65acf5f4

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/uploads/2016/01/cropped-logo_scientifico-32x32.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 May 2019 17:44:02 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2016 23:28:26 GMT
Etag: "981-52a1ccf203a80"
Accept-Ranges: bytes
Content-Length: 2433
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   2433
Md5:    10c989846b0c1abcbe6db1abdd3cbc3c
Sha1:   47ad4610bc1ffa11d5bf114f22b3419e9f7ed8ca
Sha256: 42b705de20182469aa3e46637d00e36925fa753b9862babbee5937c2680307af

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/uploads/2016/03/sfondo_mucu_02.jpg HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.scientificovallo.gov.it/wp-content/plugins/pafacile/rechung/1.exe
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
62.149.142.177
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 May 2019 17:43:59 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2016 21:11:26 GMT
Etag: "9782be-52ebdc5d01b80"
Accept-Ranges: bytes
Content-Length: 9929406
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   9929406
Md5:    825d51ed7b91b439ff29417083dc09d5
Sha1:   35514b2b3918ff303961cf31fe5aaccdc5f7bea7
Sha256: 4d104c4911ccda9d258af48c3e350a4c50043c2f5e3be56a96a05605e97f1b7c

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /wp-content/uploads/2016/01/cropped-logo_scientifico-32x32.png HTTP/1.1
Host: www.scientificovallo.gov.it
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: wordpress_google_apps_login=6363b2978ab7a551eb784d110952c0ae

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted