info.ciampinobus.com/
185.136.89.218 301 Moved Permanently 162 B IP 185.136.89.218:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 02:21:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://info.ciampinobus.com/
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9360
Expires: Thu, 02 Feb 2023 04:57:44 GMT
Date: Thu, 02 Feb 2023 02:21:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2701
Expires: Thu, 02 Feb 2023 03:06:45 GMT
Date: Thu, 02 Feb 2023 02:21:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Thu, 02 Feb 2023 04:00:19 GMT
Date: Thu, 02 Feb 2023 02:21:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 01:43:27 GMT
content-type: application/json
age: 2297
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PjutDrR00ks39sC8fVckituNvAAjSy1FitB6EIa2zrMC6faRyzMgAASMuu3fP7KXaifDu74RyMY=
x-amz-request-id: VKRVN8J0MDWG6Z2W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 01:22:53 GMT
age: 3531
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b705957cd8f2fc23db439fba3330432
edb2fd107ee2843249bac884bb94f250a2b931b3
1089948f4d16bd81439f4cc2d02544c70e4540c77fa495c2f6f599639b515476
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1089948F4D16BD81439F4CC2D02544C70E4540C77FA495C2F6F599639B515476"
Last-Modified: Tue, 31 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 08:21:44 GMT
Date: Thu, 02 Feb 2023 02:21:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 01:41:43 GMT
age: 2401
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10021
Expires: Thu, 02 Feb 2023 05:08:46 GMT
Date: Thu, 02 Feb 2023 02:21:45 GMT
Connection: keep-alive
push.services.mozilla.com/
44.229.10.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.229.10.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rN1/ad1qu5R4yr2lABFhvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 582vl4QpQkWPLBo7QW7VwvlvM8I=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:21:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%7CRubik%3Aregular%7CNunito%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin&ver=6.1.1
142.250.74.106 200 OK 1.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%7CRubik%3Aregular%7CNunito%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin&ver=6.1.1
IP 142.250.74.106:0
Hash 32f90dc850739c697e62b72747b53f48
7331cb6b7f296b3b16529b5ac52a7c255fa9df16
38c170db6860badb1fcc12d403c20ee8fb91fad4a141f074748958b1f0791d5d
GET /css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%7CRubik%3Aregular%7CNunito%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 02:21:45 GMT
date: Thu, 02 Feb 2023 02:21:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
185.136.89.218 200 OK 12 kB URL HTTP/2 info.ciampinobus.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 185.136.89.218:0
File type ASCII text, with very long lines (47826)
Hash ae54626f3cd794befd05e445379e59bc
3d80d2711b495c7e8122b2518a18ba034443cac9
7527ac26e9865a153abc5a0a538a5d7a7e411ff85310ee6c6e4bc11f7fa3fbbc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 04:55:02 GMT
etag: W/"63746d26-172a9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:21:46 GMT
Connection: keep-alive
info.ciampinobus.com/wp-includes/css/classic-themes.min.css?ver=1
185.136.89.218 200 OK 648 B URL HTTP/2 info.ciampinobus.com/wp-includes/css/classic-themes.min.css?ver=1
IP 185.136.89.218:0
Hash 71a8017b8d10dbefeb1e9d545c441ece
5ac5e59fb0b892de76619c74cb993cf61250deb3
9389347b836c115dc3ecbbadca8c6566384cf487c96bb92670da1c47e5ca8337
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 14 Nov 2022 10:24:00 GMT
etag: W/"d9-5ed6ba34dda28"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
185.136.89.218 200 OK 79 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
IP 185.136.89.218:0
File type ASCII text, with very long lines (64288)
Hash 086be3bb1b9bc9241837880e1ab37b6c
7828171aee4fad3c8df9f8cdbf775b44216119a4
1b95d3a7476f1666e081242d4aea6b88fe0bc120a16655bca7807ee55ef669eb
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2019 15:09:50 GMT
etag: W/"5de67abe-4307e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/main.css?ver=6.1.1
185.136.89.218 200 OK 74 kB URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/main.css?ver=6.1.1
IP 185.136.89.218:0
File type Unicode text, UTF-8 text, with very long lines (492)
Hash d391b37dcab19a0305fb4d7f14c61385
8c46eb68c94e286f387912d1bfed4d87ca4f9313
e8c525d69be82cefd5c439a41f807d4cf8d952fda5aa8ba5161cfa9274b1e565
GET /wp-content/themes/metamax/css/main.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-a56d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/fonts/flaticon/flaticon.css?ver=6.1.1
185.136.89.218 200 OK 8.9 kB URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/fonts/flaticon/flaticon.css?ver=6.1.1
IP 185.136.89.218:0
Hash 6d8f2285b6f9ef3b5420ad46fb92ed0b
3e4238230efa603ec3191045bed27b8216a0bc38
59557b645ab95369db9d9a243db38825ee4badcb7c265b87613e5cd20345f02f
GET /wp-content/themes/metamax/fonts/flaticon/flaticon.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1d72"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: byLFLKpRZa_blxNi2wh_ft4Ule-zNiZtSih_Quv-9BgKS87Y-wJlTA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:40 GMT
age: 15666
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
185.136.89.218 200 OK 58 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 185.136.89.218:0
File type ASCII text, with very long lines (32017), with CRLF line terminators
Hash fea239ce285c3f184556d329ba14e04e
004b9153b06cc39f12c0db606d5b634a8fe46073
c118c78a9521647537584ac89b8b0671e1b6ab88a925f532c45b3f56dfb6f0fa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2019 15:09:50 GMT
etag: W/"5de67abe-24ca1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/logo-1_03ec011b1_450.png
185.136.89.218 200 OK 62 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/logo-1_03ec011b1_450.png
IP 185.136.89.218:0
File type PNG image data, 1004 x 283, 8-bit/color RGBA, non-interlaced; data
Hash 3b3f5dd5e58ded6a3295a2a15fa72420
78bd7b9f491f10016784af476a61351b4044479c
61dda81bcf0aa216bcd69babe6d99de6e88585045b2d6d0be58a4b7ebf690ea1
GET /wp-content/uploads/logo-1_03ec011b1_450.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: image/png
content-length: 62547
last-modified: Tue, 22 Sep 2020 09:04:14 GMT
etag: "5f69be0e-f453"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/logo-1_00fa00460_450.png
185.136.89.218 200 OK 13 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/logo-1_00fa00460_450.png
IP 185.136.89.218:0
File type PNG image data, 248 x 70, 8-bit/color RGBA, non-interlaced; data
Hash b92dae2891a6a5b392b79837fb1a6ef6
ad9e390c1b535ed6451d8749d3cad055f11e137e
e41b7997558606299a25ac8ab2c2d3c65fcdc5595dcf2871759aa228ad54f72d
GET /wp-content/uploads/logo-1_00fa00460_450.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: image/png
content-length: 13259
last-modified: Tue, 22 Sep 2020 09:06:45 GMT
etag: "5f69bea5-33cb"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/logo-dark-1_07d802371_451.png
185.136.89.218 200 OK 90 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/logo-dark-1_07d802371_451.png
IP 185.136.89.218:0
File type PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced; data
Hash 3862fad7d1b34a0f4efd82929cbf34b7
c3719879a7704132d9a5af4ff346b2edbad15b01
3d8ef98555076cb94d8da013b7f25de9e1f505cca5e05a7d574f3caa7cb9ad87
GET /wp-content/uploads/logo-dark-1_07d802371_451.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: image/png
content-length: 89629
last-modified: Tue, 22 Sep 2020 09:06:47 GMT
etag: "5f69bea7-15e1d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/
185.136.89.218 200 OK 32 kB IP 185.136.89.218:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (49646)
Hash a436923ed29f82a2b13f36b4251a29db
904396af643514ecee98490670391386e1e56793
35405ebfea97d5b7b4d9efd1bccedf120436e7a536452559970326e74cf9fd10
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/html; charset=UTF-8
link: <https://info.ciampinobus.com/wp-json/>; rel="https://api.w.org/", <https://info.ciampinobus.com/wp-json/wp/v2/pages/200>; rel="alternate"; type="application/json", <https://info.ciampinobus.com/>; rel=shortlink
set-cookie: vchideactivationmsg_vc11=6.8.0
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:21:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
185.136.89.218 200 OK 3.4 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP 185.136.89.218:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 408f1038069625ca5a2f52d69e3782e4
612f6cab568d4751588cd3227935131536a0debf
fe1a7a5f5df04aace69376f5bab74fe24768da4ba53fc2845b764a6563868511
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 08:52:21 GMT
etag: W/"63d390c5-2945"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.227 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34112, version 1.0; data
Hash c21e7acd53a6d80fa451f1af92d9a492
4096e12b96fa2549e4f169044a49b6ec60214008
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://info.ciampinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:13:11 GMT
expires: Fri, 02 Feb 2024 00:13:11 GMT
cache-control: public, max-age=31536000
age: 7715
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://info.ciampinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:32:21 GMT
expires: Mon, 29 Jan 2024 07:32:21 GMT
cache-control: public, max-age=31536000
age: 326965
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
185.136.89.218 200 OK 29 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
IP 185.136.89.218:0
Hash 1d5d4404aad36026e8eb1c1b9142aead
4d5fd9b603103f0e961489b6df2722dbcbd7c2ad
bb6db6f21dd51fd772761b0f7350110f983e1bef91de633196c5e30eee811b1e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Fri, 27 Jan 2023 08:52:21 GMT
etag: W/"63d390c5-af3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:21:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
info.ciampinobus.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0
185.136.89.218 200 OK 5.8 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0
IP 185.136.89.218:0
File type ASCII text, with very long lines (19905)
Hash 60a6362de8c3ae0697290798ab84bede
24c15235d909f12e78a968f0b484eb6d835a6cda
a7f761edcf2e0e9ccb75d87878ad6d4fecec5d3b26fc4687fd28c0407e78b01a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: W/"620ccea8-4e9c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-megamenu/assets/js/cws_megamenu_front.js?ver=6.1.1
185.136.89.218 200 OK 1.9 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-megamenu/assets/js/cws_megamenu_front.js?ver=6.1.1
IP 185.136.89.218:0
Hash f55efd6dd9177e438603f26560f3abcb
acca81f6c498f82394ee2b406502af9f5971ac22
bc03395ba8fbb110eede7e611fe766e59e81255bd960596c279fa8e452d8c763
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-megamenu/assets/js/cws_megamenu_front.js?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-162a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
185.136.89.218 200 OK 76 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP 185.136.89.218:0
File type Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636\012- data
Hash 832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:46 GMT
content-type: font/woff2
content-length: 75760
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: "620ccea8-127f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
185.136.89.218 200 OK 14 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
IP 185.136.89.218:0
File type Web Open Font Format (Version 2), TrueType, length 13564, version 330.32636\012- data
Hash e7d4bfa72a1f7d352fa6605501a3e2f2
afd94b571eff9da7d85490bdb4c9874419cd260d
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:46 GMT
content-type: font/woff2
content-length: 13564
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: "620ccea8-34fc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:21:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/fonts/vc_entypo.woff
185.136.89.218 200 OK 45 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/fonts/vc_entypo.woff
IP 185.136.89.218:0
File type Web Open Font Format, TrueType, length 45152, version 1.0\012- data
Hash 5460a9ba11448e34f332f25e72dc16df
9729b28b6872d971935ff58f460cf3c26dcb7380
434d5a30d2359d95efc266dbe0fffcac2c1846e133d4713bebb7c337bdfb84ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/lib/vc-entypo/fonts/vc_entypo.woff HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:46 GMT
content-type: application/font-woff
content-length: 45152
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: "620ccea9-b060"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/cabecera_rya-1536x364.png
185.136.89.218 200 OK 682 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/cabecera_rya-1536x364.png
IP 185.136.89.218:0
File type PNG image data, 1536 x 364, 8-bit/color RGBA, non-interlaced\012- data
Size 682 kB (682386 bytes)
Hash 840d6777c97091954dee64d7ae18eea5
bec2b8ae7420328dd344d7ac5b661069441af739
3c3849f32f8d92519e01229445a0127aef0947b3f81f8a04e0f06d7b35468487
GET /wp-content/uploads/cabecera_rya-1536x364.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:46 GMT
content-type: image/png
content-length: 682386
last-modified: Mon, 13 Jul 2020 18:47:25 GMT
etag: "5f0cac3d-a6992"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/ciampino-bus-shuttle-station.jpg
185.136.89.218 200 OK 135 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/ciampino-bus-shuttle-station.jpg
IP 185.136.89.218:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x600, components 3\012- data
Size 135 kB (135079 bytes)
Hash 3d2c456eb55fae5ed1aa041b99760017
8d091fa0088535cfb6c2839b980edccd5436a9d8
93c9e5ae74d39eaae98a76e6960419e1386ed70cbe9aa336aba36fd897dc1988
GET /wp-content/uploads/ciampino-bus-shuttle-station.jpg HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:46 GMT
content-type: image/jpeg
content-length: 135079
last-modified: Mon, 13 Jul 2020 19:58:53 GMT
etag: "5f0cbcfd-20fa7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/gwpf_icon/favicon.ico
185.136.89.218 200 OK 68 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/gwpf_icon/favicon.ico
IP 185.136.89.218:0
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash b5bf6a901d4a308c8bc82e4f4d2a37ba
ad0424a4913641dd9c899b295dd8e178371c70f8
f72270552591fefa13463676ba0af297bbc09599dd11c635981757de1343ccc0
GET /wp-content/uploads/gwpf_icon/favicon.ico HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0; pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:46 GMT
content-type: image/vnd.microsoft.icon
content-length: 67646
last-modified: Fri, 25 Sep 2020 09:07:09 GMT
etag: "5f6db33d-1083e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 185.136.89.218:0
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 03:39:03 GMT
etag: W/"628da4d7-48b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/select2.css?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/select2.css?ver=1.0
IP 185.136.89.218:0
GET /wp-content/themes/metamax/css/select2.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-44de"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/jquery.fancybox.css?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/jquery.fancybox.css?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/css/jquery.fancybox.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-137f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: W/"620ccea8-865f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-76891"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/js_composer/custom.css?ver=6.8.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/uploads/js_composer/custom.css?ver=6.8.0
IP 185.136.89.218:0
GET /wp-content/uploads/js_composer/custom.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 16 Feb 2022 10:15:13 GMT
etag: W/"3c-5d81fecdc4e40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: W/"620ccea8-dc69"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/slick.min.js?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/slick.min.js?ver=1.0
IP 185.136.89.218:0
GET /wp-content/themes/metamax/js/slick.min.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-a76f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Tue, 03 Dec 2019 15:09:50 GMT
etag: W/"5de67abe-e1a2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.css?ver=6.1.1
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.css?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-svgicons/cwssvgi_f.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"63-5aa55e788d640"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/fonts/cws-iconpack/flaticon.css?ver=6.1.1
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/fonts/cws-iconpack/flaticon.css?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/fonts/cws-iconpack/flaticon.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1ceb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 185.136.89.218:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 10:24:00 GMT
etag: W/"63721740-15e54"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/animate.css?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/animate.css?ver=1.0
IP 185.136.89.218:0
GET /wp-content/themes/metamax/css/animate.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-11ced"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Wed, 09 Dec 2020 04:55:08 GMT
etag: W/"5fd058ac-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.8.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-caa8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-33a0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/ajax_plugin.js?ver=6.1.1
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/ajax_plugin.js?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-essentials/assets/js/ajax_plugin.js?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-ab85"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-essentials//assets/css/main.css?ver=6.1.1
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-essentials//assets/css/main.css?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-essentials//assets/css/main.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"290-5aa55e788d640"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 08:52:21 GMT
etag: W/"63d390c5-31d9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/style.css?ver=6.1.1
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/style.css?ver=6.1.1
IP 185.136.89.218:0
GET /wp-content/themes/metamax/style.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"318-5aa55e5a08e40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/scripts.js?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/scripts.js?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/js/scripts.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1b40f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.js?ver=1.5.4
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.js?ver=1.5.4
IP 185.136.89.218:0
GET /wp-content/plugins/cws-svgicons/cwssvgi_f.js?ver=1.5.4 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-526"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/jquery.easing.1.3.min.js?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/jquery.easing.1.3.min.js?ver=1.0
IP 185.136.89.218:0
GET /wp-content/themes/metamax/js/jquery.easing.1.3.min.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1b37"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0.4
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0.4
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/build/default.css?ver=2.0.4 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 23 Jan 2023 07:18:01 GMT
etag: W/"63ce34a9-17b4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/fonts/font-awesome/font-awesome.css?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/fonts/font-awesome/font-awesome.css?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/fonts/font-awesome/font-awesome.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-116e1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/simple-likes-public.js?ver=0.5
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/simple-likes-public.js?ver=0.5
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-essentials/assets/js/simple-likes-public.js?ver=0.5 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-534"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=2.0.4
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=2.0.4
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=2.0.4 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 07:18:01 GMT
etag: W/"63ce34a9-150fe"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/sticky_sidebar.js?ver=1.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/sticky_sidebar.js?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/js/sticky_sidebar.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-3a49"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.8.0
185.136.89.218 200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.8.0
IP 185.136.89.218:0
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:21:45 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-2415"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2