Report - lnx.virzicarburanti.it/contatti/

Report Overview

Submitted URL
lnx.virzicarburanti.it/contatti/
IP
89.46.108.25
ASN
#31034 Aruba S.p.A.
Submitted
2022-09-02 20:10:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
80

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.217.237.91
hublosk.com	396405	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	324 B	4.5 kB	104.21.11.189
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	67 kB	142.250.74.163
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	81 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	74 kB	34.120.237.76
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	808 B	172.64.155.188
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
lnx.virzicarburanti.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	2.3 MB	89.46.108.25
killssource.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.7 kB	212 kB	5.149.254.210
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
jullyambery.net	379058	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	626 B	104.21.72.182

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-02	medium	lnx.virzicarburanti.it/contatti/	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/css/jquery-ui-1.12.1/jquery-ui.css?ver=6.0.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/font-awesome/css/font-awesome.min.css?ver=6.0.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/css-tooltips.css?ver=6.0.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/bootstrap.css?ver=6.0.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0	Malware
2022-09-02	medium	killssource.com/21c1e810f7f98f00b3.js	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/uploads/elementor/css/global.css?ver=1661976984	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/uploads/elementor/css/post-86.css?ver=1662018721	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/js/front-end.js?ver=6.0.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/bootstrap.min.js?ver=6.0.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	Malware
2022-09-02	medium	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed
2022-09-02	medium	killssource.com	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	killssource.com/trgt/?cb=__mtz_cb_215458115&key=f5393b39&t=1662149427568	71 B	2023-03-07	2023-03-07
Pretty URL killssource.com/trgt/?cb=__mtz_cb_215458115&key=f5393b39&t=1662149427568 IP 5.149.254.210 ASN #59711 HZ Hosting Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:39 Last Seen2023-03-07 12:11:39 Times Seen1 Hash b1b6f5bfa18a3907f72c2b373ad8826e d815a5402e4ff88d38fabc603779712334173a0c e20cfa42557c251133f0c35710e3daa8a261651eae041a1f280e30519d36dd1a Loading...

	lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/js/front-end.js?ver=6.0.2	14 kB	2023-03-07	2023-12-02
Pretty URL lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/js/front-end.js?ver=6.0.2 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:48 Last Seen2023-12-02 11:11:27 Times Seen68 Hash 952d2caabd954dc534c8eb545236c8da 001c4b338d90fb0444773338da1c31bc596fc5c2 3afd16b88f2c7e5610bfd63efcb607528fb8134801e163ceb572b972432f013f Loading...

	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-27
Pretty URL lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 00:16:42 Times Seen52831 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4	33 kB	2023-03-07	2024-03-31
Pretty URL lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:55 Last Seen2024-03-31 15:07:38 Times Seen285 Hash 2c14a310ba03d9514354cd88cd85e9d4 ad5b3ec8dc78535ef8d1c726281d451516a96105 2d8fc0e5133c54c9c9d83aa54e7f6dd38cff44322a98a83c3a688f3bd96cc6b9 Loading...

	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4	40 kB	2023-03-07	2024-03-31
Pretty URL lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:55 Last Seen2024-03-31 15:07:38 Times Seen353 Hash 7036d87210ae766b2d8655fe7b11095d 1817102e57db7be2b61e900076f9d2e39e44e050 5bc95c7fb8d4a568a7966755e750aa5392a39abe08521d3b4895442de86a1678 Loading...

	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4	5.0 kB	2023-03-07	2024-03-31
Pretty URL lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:55 Last Seen2024-03-31 15:07:38 Times Seen270 Hash cbaa3f69dc7ed2f5913aff39b391617d 049c6d358a1f44ba299313509a8fcfa17f278fdf 272321688609293a373d0efbd424ff4425ed05237135aa2320a0ae4b662402be Loading...

	lnx.virzicarburanti.it/contatti/	2.0 kB	2023-03-07	2023-03-07
Pretty URL lnx.virzicarburanti.it/contatti/ IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:39 Last Seen2023-03-07 12:11:39 Times Seen1 Hash 4d18b90e6a175e37632b4e5ee8f7dfdd b5dc5aff56275ac54f9ce0821a3d145aabda96f6 bdae8c76dcba9d475c2fa72ed20963eb346d397fb6061ac4dd99140651521360 Loading...

	lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2023-03-07	2024-03-31
Pretty URL lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:55 Last Seen2024-03-31 15:07:38 Times Seen162 Hash 699a1138b9010c81a29e3fcf3ce0e517 96e85ea2d14ca3a1b8a647c5c9640d3af898e412 52cb2ef4dc6e4dd45c47230e9b865ad3da0d250c5646b84a7f3dd6dad9815d87 Loading...

	lnx.virzicarburanti.it/contatti/	261 B	2023-03-07	2024-04-26
Pretty URL lnx.virzicarburanti.it/contatti/ IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:59 Last Seen2024-04-26 16:08:30 Times Seen1108 Hash a44ca5c21ce00aa90b41d07b7433f328 27dfc5b7884464bef26ab64c819be03d91b64a94 ca177a3f08e85984c19e7761a4b5244e7e44b0d1e697f37dc1effffe3498b021 Loading...

	lnx.virzicarburanti.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL lnx.virzicarburanti.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 23:19:42 Times Seen68682 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/bootstrap.min.js?ver=6.0.2	29 kB	2023-03-07	2024-04-27
Pretty URL lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/bootstrap.min.js?ver=6.0.2 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-27 00:21:49 Times Seen9770 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-25
Pretty URL lnx.virzicarburanti.it/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:12 Times Seen3655 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1	26 kB	2023-03-07	2024-04-25
Pretty URL lnx.virzicarburanti.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-25 18:37:13 Times Seen354 Hash 9c987714777529a5e2b4afd81a1f2f7f 8248ee40c640ae5c4afb9753c7e30176a3728038 6d4f84a86bb86352e951b6c9af87c3411920e6bdbc2f407b17af06e1ab5caaa4 Loading...

	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1	11 kB	2023-03-07	2024-04-24
Pretty URL lnx.virzicarburanti.it/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-04-24 18:24:18 Times Seen348 Hash 0ee357a183287d64fcf277f66d532e6d b45721bde387037ac73347020edb890ac4a77814 7ce6eb9cd7f07b424c34ee977214503668ae5e137d07b3fe0a37373e57686ebf Loading...

	lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/menu/menu.js?ver=6.0.2	798 B	2023-03-07	2023-03-07
Pretty URL lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/menu/menu.js?ver=6.0.2 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:39 Last Seen2023-03-07 12:11:39 Times Seen1 Hash 173d7e4af992022ee8030447519e7f08 88689aa095cf5bdca24c0075f60134485e5d8aa0 4c0f53f31cdfb2204b64723826e22f58e229b8dd29116d46b34c09d26911ad43 Loading...

	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1	17 kB	2023-03-07	2024-04-15
Pretty URL lnx.virzicarburanti.it/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-04-15 06:53:32 Times Seen595 Hash aa5fef7b171510a2a430328d4a0f3b03 cf6377f9bd83d9ce5f18c3de8ac7e57c047168d4 5f030eda75a32de3b4f63e28a38e83642b8a723c84ae73bf3726b85cd411bfee Loading...

	lnx.virzicarburanti.it/contatti/	2.2 kB	2023-03-07	2023-03-07
Pretty URL lnx.virzicarburanti.it/contatti/ IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:39 Last Seen2023-03-07 12:11:39 Times Seen1 Hash c0fc1565d9395253ac0f48020431e690 d47f59609dc1404989e31bb92df181c7ea1b4be9 4fa419155ff1fa0c53830f5e526b2e8dd9cfaa9f31f086775bb88469ba61bfbf Loading...

	killssource.com/ext/21c1e810f7f98f00b3.js?sid=52587_8641_&title=aa&blocks[]=31af2	8.7 kB	2023-03-07	2023-08-13
Pretty URL killssource.com/ext/21c1e810f7f98f00b3.js?sid=52587_8641_&title=aa&blocks[]=31af2 IP 5.149.254.210 ASN #59711 HZ Hosting Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:39 Last Seen2023-08-13 16:05:57 Times Seen4 Hash 2e4900b86217968eff9dd80fd614a3f9 590256408de8c098a871a2bf0a5dbe782d5070a2 887d992a8b7f127f9603d52a23b4add2817792dd74c4abb70bf4ab8b1c68873b Loading...

	killssource.com/optout/get?jsonp=__mtz_cb_105509853&key=21c1e810f7f98f00b3&t=1662149427528	144 B	2023-03-07	2023-03-07
Pretty URL killssource.com/optout/get?jsonp=__mtz_cb_105509853&key=21c1e810f7f98f00b3&t=1662149427528 IP 5.149.254.210 ASN #59711 HZ Hosting Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:39 Last Seen2023-03-07 12:11:39 Times Seen1 Hash a2f10b3c1b7536a75615b509601679ca 0e2d2c691b9e0adbd38a91fbc2fbcd37ad51e7b3 4f35b752856c4bc713ddc19489a366f8ebe98f4730e9f03d1a4a873b0e380704 Loading...

	lnx.virzicarburanti.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL lnx.virzicarburanti.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 15:38:53 Times Seen31856 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	lnx.virzicarburanti.it/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-26
Pretty URL lnx.virzicarburanti.it/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	lnx.virzicarburanti.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	3.4 kB	2023-03-07	2024-04-25
Pretty URL lnx.virzicarburanti.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 IP 89.46.108.25 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-25 18:37:12 Times Seen628 Hash 5c38aa6d5b98586ca2ba973ab8b4b6b1 8215983363ea0d74f99368336404b0d27217778f 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df Loading...

	hublosk.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8641x	14 kB	2023-03-07	2023-08-13
Pretty URL hublosk.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8641x IP 104.21.11.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:39 Last Seen2023-08-13 16:05:57 Times Seen4 Hash 3fcb3b14a5811f305e3f9e957ddce4b5 470f39e796452cb8ca0ab381053383d5dfe19685 e2460723f581f8c5f2706726bdebf5a6cebaa0a3afc35d44e7e4fd399b840452 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 00:31:41 Times Seen37106375 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (90)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 19:13:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tdtcrXiIIOjX2kB5bEMBHl7y7BP1fsXQMMU0-U7YoSLw_Ywm8EPeCA==
Age: 3395

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19218
Expires: Sat, 03 Sep 2022 01:30:44 GMT
Date: Fri, 02 Sep 2022 20:10:26 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iueA9vP7OBWRISxINowhZkrtzfhUDvgwb0lEloU4qHsS9PjQBbWWOg==
age: 68109
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:10:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 19:38:16 GMT
Expires: Fri, 02 Sep 2022 20:15:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pc9QgDDaOdgPK_8mWFOpiIImVLL57h0BFER012-R1N-xtJODhGP-SA==
Age: 1930

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5985
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:27 GMT
Last-Modified: Fri, 02 Sep 2022 18:30:43 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.217.237.91

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.217.237.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7GPzqIeS6G1qxDjvE8X5jA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9BDW6D2hIiRgEw9skkU3OwkIt6k=

lnx.virzicarburanti.it/contatti/

89.46.108.25

200 OK

9.7 kB

URL HTTP/1.1
lnx.virzicarburanti.it/contatti/
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Size
9.7 kB (9677 bytes)
Hash
84006c2293136320489d345fcd40069f
55dec7fec1cd99e59fb5e37dd86e1cc32616c2a7
c8c1ed421f24c8e390a94c95407821aad20f0d3f4d1a84fde6c691a1acb67300

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /contatti/ HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <http://lnx.virzicarburanti.it/wp-json/>; rel="https://api.w.org/", <http://lnx.virzicarburanti.it/wp-json/wp/v2/pages/86>; rel="alternate"; type="application/json", <http://lnx.virzicarburanti.it/?p=86>; rel=shortlink
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%7C900%7Citalic&subset=latin%2Clatin-ext

142.250.74.10

200 OK

759 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%7C900%7Citalic&subset=latin%2Clatin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
759 B (759 bytes)
Hash
20e6a3d00ca9e528e7647ee28cf30360
459171c7efc00d093de94ae2d3e68ab6cc34c962
199ca67bdaf0078717656a7f338ff283e9fb51b2c13c942c6221ecbbf31b2c02

HTTP Headers

GET /css?family=Roboto%3A100%2C300%2C400%2C500%2C700%7C900%7Citalic&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Sep 2022 20:10:28 GMT
Date: Fri, 02 Sep 2022 20:10:28 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

lnx.virzicarburanti.it/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

89.46.108.25

200 OK

12 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (43771)
Size
12 kB (12062 bytes)
Hash
6deba145701e1ec3d23d79a2465f4449
251e4f7ef516d58489ce4f66e382d10e70d7d9d9
d96ae43ee972423cca433cd10de81c7f54f5ff53396746ae41e93d02f0cce07c

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 12 Jul 2022 21:13:34 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/css/style-front-end.css?ver=6.0.2

89.46.108.25

200 OK

199 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/css/style-front-end.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
199 B (199 bytes)
Hash
078feb7e8945c47c9bde940ab55f087e
5eff5728330a35df94709450d8fcaae6e305d2c2
795f5440a33ed3cd4d7f0f42bd8ecbef44d815805a928f1505f89e93dc91e96e

HTTP Headers

GET /wp-content/plugins/soundy-background-music/css/style-front-end.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Content-Length: 199
Connection: keep-alive
Last-Modified: Tue, 27 Nov 2018 22:04:35 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy141.ad.aruba.it

lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/css/jquery-ui-1.12.1/jquery-ui.css?ver=6.0.2

89.46.108.25

200 OK

8.8 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/css/jquery-ui-1.12.1/jquery-ui.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (2515)
Size
8.8 kB (8752 bytes)
Hash
f1dcbd217fca9ddd3b89849d5b435c45
c836f61bfdd04345446964eab590b0e6668a2db5
fdfb743332e02657f6cd70bed78235520ef66e4be6c4d2b979a6d7dd4e0a153e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/soundy-background-music/css/jquery-ui-1.12.1/jquery-ui.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 22:04:35 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/theme-menu.css?ver=6.0.2

89.46.108.25

200 OK

934 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/theme-menu.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
934 B (934 bytes)
Hash
99e309cd3d96ceef604cd024a849d8b6
1fa01f9b71e810580ec332b51bdd3b91fcdf2fa5
9df363528be1be7fb3b1b0fb9ffb672006f278b962f2081d308b57c45fef9201

HTTP Headers

GET /wp-content/themes/wallstreet-pro/css/theme-menu.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:59 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/default.css?ver=6.0.2

89.46.108.25

200 OK

6.4 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/default.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (324)
Size
6.4 kB (6420 bytes)
Hash
1f4b30eee835f7847c05eda639c8da0d
08c40e495a01aa3567eac09d8be5ca5909c1cbbb
eeaa69d0b497cbdaa4997b34e7bf88bd31f477e108f541a6510867c6f93804a4

HTTP Headers

GET /wp-content/themes/wallstreet-pro/css/default.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:59 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/media-responsive.css?ver=6.0.2

89.46.108.25

200 OK

2.5 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/media-responsive.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
Non-ISO extended-ASCII text
Size
2.5 kB (2510 bytes)
Hash
61f18ce92ca20792d7c07d7e9bc7fddd
95ce8214590033374b6db715c4c78b61e2ec4e75
44f5691e7a5e1a93c9bd7fb7323d21e400603911c0450efbe7d98027c5a4b4b0

HTTP Headers

GET /wp-content/themes/wallstreet-pro/css/media-responsive.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:59 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/font-awesome/css/font-awesome.min.css?ver=6.0.2

89.46.108.25

200 OK

7.1 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/font-awesome/css/font-awesome.min.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7102 bytes)
Hash
f529ce613d8baf3f3cccfd46f03a084d
84ef851e9885ccc24911e5c03f1cc0d094959cd3
ad0cc939bf160d744317828d29614b37cde0ba0ef08365d8f8b919fe89df3caf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/wallstreet-pro/css/font-awesome/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:58 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/style.css?ver=6.0.2

89.46.108.25

200 OK

15 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/style.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
15 kB (14994 bytes)
Hash
1e705f21d66c670c5939f9a5cb6d5b9d
646e3424a7870e5bbe2344ca5bab1326870d56da
924709e5021f8b96178c55a164f23a78ab2715f6d21a6ac45fedf62f2a29f915

HTTP Headers

GET /wp-content/themes/wallstreet-pro/style.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:19:00 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/css-tooltips.css?ver=6.0.2

89.46.108.25

200 OK

779 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/css-tooltips.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
779 B (779 bytes)
Hash
91fc35a5a5a11fd41d9f567ecb99847a
db5eaac8df23e02e2405f4f671003f543e46793c
183d0853f7334df0e3a7b02f0fa5692dcd3492bf4e93de8998b10aa5b30099f2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/wallstreet-pro/css/css-tooltips.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:59 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/bootstrap.css?ver=6.0.2

89.46.108.25

200 OK

19 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/css/bootstrap.css?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
assembler source, ASCII text, with very long lines (540)
Size
19 kB (18766 bytes)
Hash
4ed33428c067ae0a30d47072002667fc
940975017c85f49da9028e5ed77e7ac886a00c24
20b7f55770c852f6ae22ed23c492444a6e3fea397cd8e36713ad1d6df210e3c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/wallstreet-pro/css/bootstrap.css?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:59 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

89.46.108.25

200 OK

4.0 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (19233)
Size
4.0 kB (3976 bytes)
Hash
a20e547c7a4e64ef3adce25393c6fd60
771f0d222ab2184b286ea5b95a529147f5c62ebc
aaac06aabc7a8460fd8af6680f4ab888f3056cb8bf0b018e9ea4b921e73ac742

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:33 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

killssource.com/21c1e810f7f98f00b3.js

5.149.254.210

200 OK

204 kB

URL HTTP/1.1
killssource.com/21c1e810f7f98f00b3.js
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
204 kB (204447 bytes)
Hash
e70800e55b5adf7c18cf454e40312fdd
69d1f97e3407f596d2fdfab1b7955e27591057fb
f8213ba776025ea37d0a957edc7f38e82276163e66c9dce155a4de3134d23215

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /21c1e810f7f98f00b3.js HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Content-Length: 204447
Connection: keep-alive
Last-Modified: Thu, 24 Feb 2022 09:08:23 GMT
ETag: "62174b07-31e9f"
Expires: Fri, 02 Sep 2022 20:40:28 GMT
Cache-Control: max-age=1800, public
Accept-Ranges: bytes

lnx.virzicarburanti.it/wp-content/uploads/elementor/css/post-192.css?ver=1661976984

89.46.108.25

200 OK

357 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/elementor/css/post-192.css?ver=1661976984
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (1119), with no line terminators
Size
357 B (357 bytes)
Hash
90e4384c0a5829c75845097cc50f096b
23629abb384522883129cc80661ddddca9be7d37
07c5f842a62ac1c558db72d5ec51b7726ebe35e09174aca65a86a873eb3629f7

HTTP Headers

GET /wp-content/uploads/elementor/css/post-192.css?ver=1661976984 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:16:24 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/uploads/elementor/css/global.css?ver=1661976984

89.46.108.25

200 OK

853 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/elementor/css/global.css?ver=1661976984
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (6697)
Size
853 B (853 bytes)
Hash
6353561f71bb562b9a6dceb3d5f63039
57fe1cf802591d0060ffbb5a5e1823e06947d83e
ab94c495f8ce2d5f82ec25eebab9570f3b9460e5d4d7d0632e7e845474ae1b52

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1661976984 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:16:24 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/uploads/elementor/css/post-86.css?ver=1662018721

89.46.108.25

200 OK

956 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/elementor/css/post-86.css?ver=1662018721
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (5306), with no line terminators
Size
956 B (956 bytes)
Hash
c0f3c7665b16d6b01f428440cf5bbd4c
7cbde4bd7c245cba58e9f911e6b9ae2dd393cfaa
728b6ebf0edf7c0f78d2a0e4d99494942773cc5480224759908599e0dc7292ba

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-86.css?ver=1662018721 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 07:52:01 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4

89.46.108.25

200 OK

21 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (65497)
Size
21 kB (20811 bytes)
Hash
9c53b0aba28867a39c47d1ffb3f6cd71
f3b55712abc181dfa15edcf3ea2793b30ab803bc
225939d0a0f2cf1934987ed4460a23eaa6be86feb16dc0fbb083489fd4ecc30e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:32 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

89.46.108.25

200 OK

31 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (65447)
Size
31 kB (31148 bytes)
Hash
0e12e8ad50f470e9a500e00b739965c2
505d806a166278dd2e066b5e00952dd4dfc9605f
6d3c4243e698d8bf64940fa1295d60edc1add8c7b733048b1ff7cea9b98380d8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 20 Jul 2021 21:16:46 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

89.46.108.25

200 OK

4.2 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4176 bytes)
Hash
5f0c7c68ce291948081d8bc40b311a4d
52e9e66db13df06a18cb59905195d45ee80e466a
d0f639afed36e6a912a17a467beb71c7f3976cc9cfba3d105a76e985c487e62f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 28 Feb 2021 11:58:34 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16818 bytes)
Hash
12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CDyJUMKmUlrT3LgfeiZhQN1XEV2vKTIZtmV4QZYXaoM4PWbYo8IyJA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 14:46:29 GMT
age: 19439
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/js/front-end.js?ver=6.0.2

89.46.108.25

200 OK

2.1 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/soundy-background-music/js/front-end.js?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
2.1 kB (2070 bytes)
Hash
583b8ec9d1298e7140a8a78110a062c4
b800b938a61433715f25dc588a3bbbfcf3994856
5c008e64915a72dc0b65b9123c066efb7d33df2bb71d94fa2dbe29dfa826b29d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/soundy-background-music/js/front-end.js?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 22:04:35 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/menu/menu.js?ver=6.0.2

89.46.108.25

200 OK

332 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/menu/menu.js?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
332 B (332 bytes)
Hash
feed7b78d542498ce3b5851c6a32846b
ff058d30ce7d6459beca4254e1942a7dff7daa9b
bd15b710f1749eebe21f0f840de761ea48774b63e1281f8ba5dd835450c337de

HTTP Headers

GET /wp-content/themes/wallstreet-pro/js/menu/menu.js?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:59 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9252 bytes)
Hash
5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:01:10 GMT
age: 79758
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5079 bytes)
Hash
5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: et3ZsWRVoBNMpArUk9CohTyMpS5F0eKiR6cZJRfwAEiiFJUaeay58g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:48:05 GMT
age: 80543
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5889 bytes)
Hash
24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:51 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 79417
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 81182
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6196 bytes)
Hash
5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wLezqM4_yKqtOR7D43beBqm8TAD5y8eQ7xHOxjDJdHchCpyusuzMuQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:55:46 GMT
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
age: 80082
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/bootstrap.min.js?ver=6.0.2

89.46.108.25

200 OK

7.7 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/themes/wallstreet-pro/js/bootstrap.min.js?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (28941)
Size
7.7 kB (7731 bytes)
Hash
0c3743d2f5185f6f0452ee583d365e14
90a5df4c52d02852083fc0cc4be0583f948d0922
790af76afba01fa0302a3624e45050aa79f447b3223c14ded120b4f057a34422

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/wallstreet-pro/js/bootstrap.min.js?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Nov 2018 08:18:59 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4

89.46.108.25

200 OK

2.6 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (10019)
Size
2.6 kB (2631 bytes)
Hash
c42d43078a3ff558042b6ec80c66a086
fd8951772644a8b4c30111eb74f33fff40d4e095
050daa68d90726ceafd44b1eb12565fea6845bb17cce63464effd28199a0df61

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:33 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

89.46.108.25

200 OK

6.9 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.9 kB (6934 bytes)
Hash
9c593d755dbdf3a431384342bc3518b4
daf916d960acc3b6bed753e3efb10089e60644da
aeebc17c48898a6d5355cba8d1bde529a0abb970449ac1590636c0d592ecabca

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 24 May 2022 20:19:11 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1

89.46.108.25

200 OK

1.1 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (3233)
Size
1.1 kB (1094 bytes)
Hash
145aff15f3bfe80c7ad49092d16d3aa4
8fa63700b4375ad2e3b1497e017b222d72853c47
83a984633eb642f728c00769a377132fbbaa33ce39ef7348fb844586ecda0da0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 24 May 2022 20:19:11 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14246
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:10:28 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14246
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:10:28 GMT
Connection: keep-alive

lnx.virzicarburanti.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1

89.46.108.25

200 OK

6.6 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
HTML document, ASCII text, with very long lines (25274)
Size
6.6 kB (6648 bytes)
Hash
6911fd4b538be5a12f29eb3e83e2007d
ef19a0c92ef2595fe834759c3cdc042c73d6602b
080d55ca1ace1e4fe9af1bedd440dd750bb65239722f1813798ecbdffe4154ab

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 24 May 2022 20:19:11 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1

89.46.108.25

200 OK

3.2 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (10572)
Size
3.2 kB (3153 bytes)
Hash
9cd54e3eaac197ddb0b602afbdca59f4
0fe878d6e717b68535d874e901e8ddec88031b8d
ab06b566b642797202b5980049182d91f5cf16bfe7df053cf86e62e35c37e5d8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 24 May 2022 20:19:11 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14246
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:10:28 GMT
Connection: keep-alive

lnx.virzicarburanti.it/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1

89.46.108.25

200 OK

6.5 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (15439)
Size
6.5 kB (6508 bytes)
Hash
a57519de71adf28b8c982f20bc8655c9
93d9d6e6687d96ded68256daa0e85069ad62753a
79c11972807178fa2d1bc4e1c4fc095ff10a32590cdaf5c84329b18e11b25104

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 24 May 2022 20:19:11 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4

89.46.108.25

200 OK

2.2 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (4918)
Size
2.2 kB (2193 bytes)
Hash
1e42886576e646c62bcf85c8b89fe893
7e1f90ded7cce9ee7d7d40502717407123eb7ce5
4cba0701c03786b815cf0b1ddb4399607ffce63cfc7cf4bdad67a936c2a7317f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:33 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

89.46.108.25

200 OK

3.0 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.0 kB (3015 bytes)
Hash
e65ea0438473fb6374955fee1f3eba50
b9dba5f666e935feb1f8d2ef7603498c4fc41084
6d9426074ca65faa87b9b2a31d90558edd3f2e99bd1395be93386e2365c07a42

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:34 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4

89.46.108.25

200 OK

11 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
Unicode text, UTF-8 text, with very long lines (32889)
Size
11 kB (10815 bytes)
Hash
36c5bf0e70f8813469feae1f6c162959
5675d9a07f1ee6fc3619ca13be386110ddf0e311
ec845201e4a55cd8bc546f1ff2f1b4d3d252a6d9686b21042b539866526fa1a3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:32 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4

89.46.108.25

200 OK

12 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (40474)
Size
12 kB (12146 bytes)
Hash
15e1313c7e30fa80c85e843201da7a64
9d8bdcb1739fb8bdc16b89490fc6f73fa9580529
07cba380201f958311f235baf003625a8280ff1a38a1c3e8b687896fa3d31f09

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:32 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

lnx.virzicarburanti.it/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

89.46.108.25

200 OK

5.1 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (15660)
Size
5.1 kB (5083 bytes)
Hash
8592048ec656e41d4797240e7df5ac38
5ed5d9f50f67b9283dc78d0f0ad9e4ab53af595b
0865155ebddd7c505b677182ab113cc5f1ba66ccc7bd085c3aa8f94403fdc6cd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 24 May 2022 20:19:11 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

killssource.com/metric/?wid=52587&sid=&mid=&tid=8641&rid=LAUNCHED&t=1662149427424&t=1662149427425

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&mid=&tid=8641&rid=LAUNCHED&t=1662149427424&t=1662149427425
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&mid=&tid=8641&rid=LAUNCHED&t=1662149427424&t=1662149427425 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

lnx.virzicarburanti.it/wp-content/uploads/2018/11/1200x789_parco_dell_etna_contrada_fontanamurata-870x410.jpg

89.46.108.25

200 OK

55 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/2018/11/1200x789_parco_dell_etna_contrada_fontanamurata-870x410.jpg
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 870x410, components 3\012- data
Size
55 kB (55391 bytes)
Hash
4b5d86ee815af96246559c5004dc3660
c6dae0f3ca22fe43ac5e83d3625750febc09e7d9
c1fa6c19aeabbe98bb468e7d3992a9cc581b7680da570b13a489aec2b0edcc6f

HTTP Headers

GET /wp-content/uploads/2018/11/1200x789_parco_dell_etna_contrada_fontanamurata-870x410.jpg HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/jpeg
Content-Length: 55391
Connection: keep-alive
Last-Modified: Tue, 27 Nov 2018 14:53:57 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy141.ad.aruba.it

lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-17879961_937850453024561_3379939186224020095_o.jpg

89.46.108.25

200 OK

101 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-17879961_937850453024561_3379939186224020095_o.jpg
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1600x400, components 3\012- data
Size
101 kB (101107 bytes)
Hash
86118e75b9ba4da3a3234424be742770
5f713469e0663fdda1125dfb5fead319a234bb7b
8af1a6321d35d6eaf6e3b1cafa169194dfc3dfb61008013712126595a8f7683b

HTTP Headers

GET /wp-content/uploads/2018/11/cropped-17879961_937850453024561_3379939186224020095_o.jpg HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:28 GMT
Content-Type: image/jpeg
Content-Length: 101107
Connection: keep-alive
Last-Modified: Tue, 27 Nov 2018 14:54:53 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy141.ad.aruba.it

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lnx.virzicarburanti.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 174981
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lnx.virzicarburanti.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 174981
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lnx.virzicarburanti.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:21 GMT
expires: Thu, 31 Aug 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 174968
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-550459_110598075749807_1339197802_n-1.jpg

89.46.108.25

200 OK

93 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-550459_110598075749807_1339197802_n-1.jpg
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "*", baseline, precision 8, 1600x400, components 3\012- data
Size
93 kB (92667 bytes)
Hash
da67be4b12bcc7a5037d69996c113f72
7a5d9cad6ccc53d46b44e79717c70c31fdef0de2
a75c5a2b46402ff4e394adc2a29e0de25a6a8dd81c5330c6ceb9faec4c9abdb2

HTTP Headers

GET /wp-content/uploads/2018/11/cropped-550459_110598075749807_1339197802_n-1.jpg HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/wp-content/uploads/elementor/css/post-86.css?ver=1662018721

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/jpeg
Content-Length: 92667
Connection: keep-alive
Last-Modified: Tue, 27 Nov 2018 20:57:59 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy141.ad.aruba.it

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lnx.virzicarburanti.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 02:02:22 GMT
expires: Sun, 27 Aug 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 583687
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=BEFORE_OPTOUT_REQ&t=1662149427527

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=BEFORE_OPTOUT_REQ&t=1662149427527
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=&rid=BEFORE_OPTOUT_REQ&t=1662149427527 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2

142.250.74.10

200 OK

79 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
79 kB (78703 bytes)
Hash
ad5d575037189b32ec6a82a66f45cdf3
902eada0d518b495a9a7ddef8637a603ad50031f
03cde34753e79ff8668223cde0247567fba15e4d8bbd39c6e559c1debeb5bf67

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 20:10:28 GMT
date: Fri, 02 Sep 2022 20:10:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=LOADED&custom1=lnx.virzicarburanti.it&custom2=%2Fcontatti%2F&custom3=killssource.com&t=1662149427526

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=LOADED&custom1=lnx.virzicarburanti.it&custom2=%2Fcontatti%2F&custom3=killssource.com&t=1662149427526
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=&rid=LOADED&custom1=lnx.virzicarburanti.it&custom2=%2Fcontatti%2F&custom3=killssource.com&t=1662149427526 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=FINISHED&custom1=lnx.virzicarburanti.it&t=1662149427570

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=FINISHED&custom1=lnx.virzicarburanti.it&t=1662149427570
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=&rid=FINISHED&custom1=lnx.virzicarburanti.it&t=1662149427570 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/trgt/?cb=__mtz_cb_215458115&key=f5393b39&t=1662149427568

5.149.254.210

200 OK

71 B

URL HTTP/1.1
killssource.com/trgt/?cb=__mtz_cb_215458115&key=f5393b39&t=1662149427568
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
ASCII text, with no line terminators
Size
71 B (71 bytes)
Hash
b1b6f5bfa18a3907f72c2b373ad8826e
d815a5402e4ff88d38fabc603779712334173a0c
e20cfa42557c251133f0c35710e3daa8a261651eae041a1f280e30519d36dd1a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /trgt/?cb=__mtz_cb_215458115&key=f5393b39&t=1662149427568 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: application/javascript
Content-Length: 71
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: __mtz_usrdf5393b39=39; Path=/; Expires=Thu, 02 Sep 2032 20:10:29 GMT
__mtz_uuidf5393b39=c68b6fefd8cf9671366d60e50309ea79; Path=/; Expires=Thu, 02 Sep 2032 20:10:29 GMT

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=TARGETING_RESPONSE_OK&t=1662149427635

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=TARGETING_RESPONSE_OK&t=1662149427635
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=&rid=TARGETING_RESPONSE_OK&t=1662149427635 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

lnx.virzicarburanti.it/wp-content/uploads/2019/02/IMG-0144-e1551203651616.jpg

89.46.108.25

200 OK

1.8 MB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/2019/02/IMG-0144-e1551203651616.jpg
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone XS, orientation=upper-left, xresolution=138, yresolution=146, resolutionunit=2, software=12.1.4, datetime=2019:02:26 17:30:59], baseline, precision 8, 3024x4032, components 3\012- data
Size
1.8 MB (1834456 bytes)
Hash
9625beda938627b667c1986755628213
4f0a3d5b4d2cf022a7c697c300433e55e610c9e0
c0c414e9a339a6a11e39fa279dfaa0bd0bf7ab5f1ab119dee118cacd88bafc4f

HTTP Headers

GET /wp-content/uploads/2019/02/IMG-0144-e1551203651616.jpg HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/wp-content/uploads/elementor/css/post-86.css?ver=1662018721

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/jpeg
Content-Length: 1834456
Connection: keep-alive
Last-Modified: Tue, 26 Feb 2019 17:54:11 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy141.ad.aruba.it

lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

89.46.108.25

200 OK

665 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (1320)
Size
665 B (665 bytes)
Hash
620ef9f8a0267c826ee65857badf7c72
20b9d0ccf5fe311d5d3f58266724c36397d94955
c7f48a3ecb5727ece293bac9fbbefd23bf68e17430fddf14414182814ced1a56

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 Aug 2022 20:09:33 GMT
X-ServerName: ipvsproxy141.ad.aruba.it
Content-Encoding: gzip

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

316 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
316 B (316 bytes)
Hash
1e3133ec76724029cd6070023f5145de
f1c646012562dcc420e7f950f29357511ae44f2d
e3db49ff933af34505a01aaf6559603fb6ecd7d58529331df40dc955c9109b8f

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 16:43:18 GMT
Expires: Fri, 09 Sep 2022 16:43:17 GMT
Etag: "f1c646012562dcc420e7f950f29357511ae44f2d"
Cache-Control: max-age=591767,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448e3ac8914b51b-OSL

killssource.com/optout/get?jsonp=__mtz_cb_105509853&key=21c1e810f7f98f00b3&t=1662149427528

5.149.254.210

200 OK

144 B

URL HTTP/1.1
killssource.com/optout/get?jsonp=__mtz_cb_105509853&key=21c1e810f7f98f00b3&t=1662149427528
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
ASCII text
Size
144 B (144 bytes)
Hash
a2f10b3c1b7536a75615b509601679ca
0e2d2c691b9e0adbd38a91fbc2fbcd37ad51e7b3
4f35b752856c4bc713ddc19489a366f8ebe98f4730e9f03d1a4a873b0e380704

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /optout/get?jsonp=__mtz_cb_105509853&key=21c1e810f7f98f00b3&t=1662149427528 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive

hublosk.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8641x

104.21.11.189

200 OK

3.8 kB

URL HTTP/1.1
hublosk.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8641x
IP
104.21.11.189:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.8 kB (3814 bytes)
Hash
8c93cb45604b32d5fb3cf334f9448c13
79243a54363f399f55e71625ed59fbaccb97eb9c
2a44b80ed3d4016684b3eb5d1a39ae7e3bc34a565e73dff3d422b34c5974f44b

HTTP Headers

GET /js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8641x HTTP/1.1
Host: hublosk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 02 Sep 2022 08:29:22 GMT
Referrer-Policy: no-referrer
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rteDAmomo%2BUoeCcy9i3D2%2Bz1Zq%2FPrw4qKuB3XLS4blCfYHwWv%2FGQuGnGEMZavdplBvPctzyxxBd0LUVNhgc0BSPzsPyYeZ6hB39psmVN1BGlXcn60kL5KLdYUjzpLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7448e3ae3913b503-OSL
alt-svc: h2=":443"; ma=60

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=OPTOUT_RESPONSE_OK&t=1662149427869

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=&rid=OPTOUT_RESPONSE_OK&t=1662149427869
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=&rid=OPTOUT_RESPONSE_OK&t=1662149427869 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/optout/set/userid?jsonp=__mtz_cb_164822903&key=21c1e810f7f98f00b3&cv=69&t=1662149427870

5.149.254.210

200 OK

0 B

URL HTTP/1.1
killssource.com/optout/set/userid?jsonp=__mtz_cb_164822903&key=21c1e810f7f98f00b3&cv=69&t=1662149427870
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /optout/set/userid?jsonp=__mtz_cb_164822903&key=21c1e810f7f98f00b3&cv=69&t=1662149427870 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Set-Cookie: __mntz_usrd_21c1e810f7f98f00b3=69;Path=/;Max-Age=31536000;SameSite=None;Secure

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=cd1d2&rid=MNTZ_INJECT&t=1662149427871

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=cd1d2&rid=MNTZ_INJECT&t=1662149427871
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=cd1d2&rid=MNTZ_INJECT&t=1662149427871 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=90f06&rid=MNTZ_INJECT&t=1662149427873

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=90f06&rid=MNTZ_INJECT&t=1662149427873
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=90f06&rid=MNTZ_INJECT&t=1662149427873 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

jullyambery.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8641x&format=arrjs&r=1662149427874

104.21.72.182

204 No Content

0 B

URL HTTP/1.1
jullyambery.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8641x&format=arrjs&r=1662149427874
IP
104.21.72.182:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8641x&format=arrjs&r=1662149427874 HTTP/1.1
Host: jullyambery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 204 No Content
Date: Fri, 02 Sep 2022 20:10:29 GMT
Connection: keep-alive
Set-Cookie: _la=1662149429; Secure; SameSite=None
_lt=0; Secure; SameSite=None
Referrer-Policy: no-referrer
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXoAigslK%2BObNePmFLVZF%2FtwVLJzlS6djKuicJg7fWF9s4EMKWRKDuCUQmjhbORzps8Z9YAk%2BV62Qh8WEQ9h53FrnPWOvtUtP%2BySwC6nOhudbKYIdRQaqRQZV9MQh6zr7DQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7448e3ae38a50b02-OSL
alt-svc: h2=":443"; ma=60

lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-logo-2-192x192.jpg

89.46.108.25

200 OK

6.9 kB

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-logo-2-192x192.jpg
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 192x192, components 3\012- data
Size
6.9 kB (6867 bytes)
Hash
4ad82df94afeecf4f7222e46b6ade9bc
903c945f5f5f8a9df496d3c0ac40eacd229acfc2
2bf5c251d12e69c7b0611f9ac77ae53b16a3d34768a493cf4aa94c216061de55

HTTP Headers

GET /wp-content/uploads/2018/11/cropped-logo-2-192x192.jpg HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/jpeg
Content-Length: 6867
Connection: keep-alive
Last-Modified: Tue, 27 Nov 2018 14:40:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy141.ad.aruba.it

lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-logo-2-32x32.jpg

89.46.108.25

200 OK

891 B

URL HTTP/1.1
lnx.virzicarburanti.it/wp-content/uploads/2018/11/cropped-logo-2-32x32.jpg
IP
89.46.108.25:0
ASN
#31034 Aruba S.p.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 32x32, components 3\012- data
Size
891 B (891 bytes)
Hash
515ee310c4866c19d226bec6cf442041
d97c3367ff8cc29dbb9174a052970e33e36b6947
3378f19ea1c6f1864ab77ca33b3d745dc397fde3757f63281d3e25ad1e9569fd

HTTP Headers

GET /wp-content/uploads/2018/11/cropped-logo-2-32x32.jpg HTTP/1.1
Host: lnx.virzicarburanti.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/contatti/

HTTP/1.1 200 OK
Server: aruba-proxy
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/jpeg
Content-Length: 891
Connection: keep-alive
Last-Modified: Tue, 27 Nov 2018 14:40:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy141.ad.aruba.it

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=f4c82&rid=CB_MNTZ_FILTER_HOSTALLOW&custom1=lnx.virzicarburanti.it&custom2=(%3F%3Agoogle%5C..*%7Cyoutube%5C.com)&t=1662149427875

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=f4c82&rid=CB_MNTZ_FILTER_HOSTALLOW&custom1=lnx.virzicarburanti.it&custom2=(%3F%3Agoogle%5C..*%7Cyoutube%5C.com)&t=1662149427875
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=f4c82&rid=CB_MNTZ_FILTER_HOSTALLOW&custom1=lnx.virzicarburanti.it&custom2=(%3F%3Agoogle%5C..*%7Cyoutube%5C.com)&t=1662149427875 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/ext/21c1e810f7f98f00b3.js?sid=52587_8641_&title=aa&blocks[]=31af2

5.149.254.210

200 OK

3.5 kB

URL HTTP/1.1
killssource.com/ext/21c1e810f7f98f00b3.js?sid=52587_8641_&title=aa&blocks[]=31af2
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
ASCII text, with very long lines (8683), with no line terminators
Size
3.5 kB (3468 bytes)
Hash
042a89cd4ea328061088021354035bfc
d17a34f553a564a97e55142d9bd826d9b74adef9
f7bcff6eca799754557fadec1870af660cab2e7519ef9805674880f4857d75c0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ext/21c1e810f7f98f00b3.js?sid=52587_8641_&title=aa&blocks[]=31af2 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: close
x-node-name: front5
Expires: Fri, 02 Sep 2022 21:10:29 GMT
Cache-Control: public, max-age=3600
Content-Encoding: gzip

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=ba282&rid=CB_MNTZ_FILTER_GEOALLOW&custom1=no&custom2=us%2Cgb%2Cca%2Cau%2Cde%2Cbe%2Cfi%2Cfr&t=1662149427875

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=ba282&rid=CB_MNTZ_FILTER_GEOALLOW&custom1=no&custom2=us%2Cgb%2Cca%2Cau%2Cde%2Cbe%2Cfi%2Cfr&t=1662149427875
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=ba282&rid=CB_MNTZ_FILTER_GEOALLOW&custom1=no&custom2=us%2Cgb%2Cca%2Cau%2Cde%2Cbe%2Cfi%2Cfr&t=1662149427875 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=31af2&rid=MNTZ_INJECT&t=1662149427876

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=31af2&rid=MNTZ_INJECT&t=1662149427876
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=31af2&rid=MNTZ_INJECT&t=1662149427876 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=cd1d2&rid=MNTZ_LOADED&t=1662149427901

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=cd1d2&rid=MNTZ_LOADED&t=1662149427901
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=cd1d2&rid=MNTZ_LOADED&t=1662149427901 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

killssource.com/metric/?wid=52587&sid=&tid=8641&mid=90f06&rid=MNTZ_LOADED&t=1662149427914

5.149.254.210

200 OK

43 B

URL HTTP/1.1
killssource.com/metric/?wid=52587&sid=&tid=8641&mid=90f06&rid=MNTZ_LOADED&t=1662149427914
IP
5.149.254.210:0
ASN
#59711 HZ Hosting Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /metric/?wid=52587&sid=&tid=8641&mid=90f06&rid=MNTZ_LOADED&t=1662149427914 HTTP/1.1
Host: killssource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lnx.virzicarburanti.it/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 20:10:29 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13104 bytes)
Hash
cab49f59207f816d98a21cd3fc2c37d1
8a9278f8ff5d149420673649878ca1ee266a0783
aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4Ve7euVpAusbqUYkx-vWIBLDbIidnuXDqMDG0LRpu40sXh6a2fEPJA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:50 GMT
age: 79425
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations