Report - sensitivasarah.it/quam-quo/documents.zip

Report Overview

Submitted URL
sensitivasarah.it/quam-quo/documents.zip
IP
86.107.32.80
ASN
#52030 Server Plan S.r.l.
Submitted
2022-09-09 13:06:55
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	2.0 kB	5.3 kB	23.36.77.32
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-17T08:44:25Z	770 B	104 kB	142.250.74.72
www.sensitivasarah.it	unknown			14 kB	490 kB	86.107.32.80
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T09:12:35Z	493 B	14 kB	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.25
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	329 B	737 B	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	993 B	2.1 kB	142.250.74.3
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	34.208.34.131
sensitivasarah.it	unknown			816 B	750 B	86.107.32.80
cdn.iubenda.com	11074	2012-10-02T05:43:09Z	2023-03-17T09:18:56Z	1.9 kB	128 kB	104.66.117.233
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	40 kB	34.120.237.76
www.iubenda.com	13106	2012-10-02T05:43:10Z	2023-03-17T08:28:10Z	395 B	813 B	104.66.117.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	sensitivasarah.it/quam-quo/documents.zip	Malware
2022-09-09	medium	sensitivasarah.it/quam-quo/documents.zip	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-includes/css/dist/block-library/style.min.css?ver=dd43f6a3c6eeea819153a4913d0293ae	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.2.1	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-style.css?ver=2.3.2	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/themes/betheme/fonts/fontawesome/fontawesome.min.css?ver=26.2.1	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.2.1	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/parallax/translate3d.min.js?ver=26.2.1	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/themes/betheme/css/responsive.min.css?ver=26.2.1	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	Malware
2022-09-09	medium	www.sensitivasarah.it/quam-quo/documents.zip	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-includes/js/wp-emoji-release.min.js?ver=dd43f6a3c6eeea819153a4913d0293ae	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19	Malware
2022-09-09	medium	www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/libraries/inputmask/jquery.inputmask.min.js?ver=5.0.6	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	cdn.iubenda.com/cookie_solution/iubenda_cs/1.41.0/core-it.js	295 kB	2023-03-07	2023-11-18
Pretty URL cdn.iubenda.com/cookie_solution/iubenda_cs/1.41.0/core-it.js IP 104.66.117.233 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:15 Last Seen2023-11-18 16:36:58 Times Seen3 Hash 9ec56e6e92b5174d91d5520fa7b44d1a 11dd7362c0967c1a47d71a8870ebf4ac3218b253 22743c59965a6efb7dea59843db2df5b187a793b4c19132c5f2be907166aaec9 Loading...

	www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 05:52:00 Times Seen68654 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 05:52:00 Times Seen31836 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1	12 kB	2023-03-07	2024-04-25
Pretty URL www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-04-25 18:37:12 Times Seen459 Hash 1d376be55e51aea00d432f6659d3e0d1 cc5b9f6fa12d0a90b38d3d6e918401c9ad26332b 34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6 Loading...

	www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.3.2	14 kB	2023-03-07	2024-01-31
Pretty URL www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.3.2 IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:39 Last Seen2024-01-31 03:11:43 Times Seen17 Hash eeb610a9054bdae3ff02f0e3acfe9498 c5abd857449abe898d97632a422a855d49da338b 758b356507bb190929d99a7fe39cde5df1a3209ce15d4d466cf397f7c77d92ce Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 06:39:36 Times Seen37085493 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-109814911-2	108 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtag/js?id=UA-109814911-2 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:26:45 Last Seen2023-03-17 11:26:45 Times Seen1 Hash e745f5c5d756e13928dc3cf0b4edbd9f 98b868b6b0404d5c06864835f6354e7bf9f84bbd ca8f24a9e1caf0683aa9a99aa039c1815290ea4f5307c0c4f6f71fdf8ef6e47c Loading...

	www.iubenda.com/cookie-solution/confs/js/12435247.js	163 B	2023-03-07	2023-03-17
Pretty URL www.iubenda.com/cookie-solution/confs/js/12435247.js IP 104.66.117.233 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:39 Last Seen2023-03-17 11:26:45 Times Seen1 Hash eb79577b8c8cac865889a61cedde7395 a6538fd84811a7322c53123bfe515f10d690058b 282e666c3d05c3c4898add7495eef0539421a3ce0e5b8aa9456670f9ff5107a8 Loading...

	www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	12 kB	2023-03-07	2024-04-26
Pretty URL www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-04-26 02:50:51 Times Seen2053 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	www.sensitivasarah.it/quam-quo/documents.zip	847 B	2023-03-07	2023-03-17
Pretty URL www.sensitivasarah.it/quam-quo/documents.zip IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:39 Last Seen2023-03-17 11:26:45 Times Seen1 Hash c7b6ae3e460180a07f8a0865303ab74e 0beb14d7720653166c71e0f4ed4af50f1a6e9e20 a8165ddb1b59d0254101ee60bd620844d40ef228266e4d48c8008e17eeaaaae8 Loading...

	cdn.iubenda.com/cs/tcf/stub-v2.js	2.2 kB	2023-03-07	2023-12-29
Pretty URL cdn.iubenda.com/cs/tcf/stub-v2.js IP 104.66.117.233 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:39 Last Seen2023-12-29 10:34:37 Times Seen219 Hash ad8567520346b1a906d3a7de1a624e71 d3cc05a1fcdfe8c06d13022b3543f61aa8297b38 ab0bd19ed5ad90fb72819af221441e8a88091304b4d41b247b0dced128798935 Loading...

	www.sensitivasarah.it/quam-quo/documents.zip	541 B	2023-03-07	2024-01-08
Pretty URL www.sensitivasarah.it/quam-quo/documents.zip IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:33 Last Seen2024-01-08 13:56:11 Times Seen124 Hash 037a9a2df4fce6369be4ebf309011b51 fc2311c43b5bf4b85ded13bd51fda3230e1e8c0e 2772703435a52934bf3b2d1ff756ea63365788d30995043996b1ba0f7962e406 Loading...

	cdn.iubenda.com/cs/iubenda_cs.js	597 B	2023-03-07	2023-03-17
Pretty URL cdn.iubenda.com/cs/iubenda_cs.js IP 104.66.117.233 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:13 Last Seen2023-03-17 11:26:46 Times Seen1 Hash f4a7f522ec5378b13c97fd8d77712031 08ec9ec91df0f2eb8961a2d08ee8518c902ab364 8507aab872d906c7603a083d99c410a0259ffcc89960a1444bdb2f11575f7b1c Loading...

	cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.18.1.js	108 kB	2023-03-07	2023-03-17
Pretty URL cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.18.1.js IP 104.66.117.233 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:39 Last Seen2023-03-17 11:26:46 Times Seen1 Hash 6c2efa3f066e935401a4cf70145a1264 dbc43516eb9c6512c4280fce1223c18e650bc443 1d767c17a18a3563079d7c5cf129d815f1aaf88c854faf6d2f670afa9d080aec Loading...

	www.sensitivasarah.it/quam-quo/documents.zip	155 B	2023-03-07	2023-03-17
Pretty URL www.sensitivasarah.it/quam-quo/documents.zip IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:39 Last Seen2023-03-17 11:26:46 Times Seen1 Hash a8b1b732c95c279da66499147c59e8fc 2599b36b63cfb147a6aaa8a334b15424673b6dbd 1765875a18772d297ba56c80db31b88561abf539cefc89a050923f91870bcc94 Loading...

	www.sensitivasarah.it/quam-quo/documents.zip	77 B	2023-03-07	2024-04-26
Pretty URL www.sensitivasarah.it/quam-quo/documents.zip IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-04-26 01:44:37 Times Seen2996 Hash 5af95593fa0a9561e570c1b541e71015 fa1bd87e5f6c7c610e54d6f747f15ae266ea0e7a c8494110ab9c137e6ac077fca96700bea0f6e73389ed3a93a6d707cb31a13b1c Loading...

	www.sensitivasarah.it/quam-quo/documents.zip	2.2 kB	2023-03-07	2023-03-17
Pretty URL www.sensitivasarah.it/quam-quo/documents.zip IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:39 Last Seen2023-03-17 11:26:46 Times Seen1 Hash dae8119d603afd1e9505510712397ec3 d1c5bf3dee06f80db7e014e79633f1280f95c6b5 cc0faca9dcab1071c3138f61cba29ee8d01c8ad8c093bb45216cc9ed2b31643c Loading...

	www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	9.7 kB	2023-03-07	2024-04-26
Pretty URL www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP 86.107.32.80 ASN #52030 Server Plan S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:47 Last Seen2024-04-26 02:50:49 Times Seen1720 Hash 490c29d6776fc430c23403fd845b34b0 817129906b7fef1011895a76f047c7693a852e21 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Loading...

HTTP Transactions (61)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 12:11:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AcAw7QQDfRjl8jOdlyWkE2BYwLtL0whflDvE9zi6F3erDS2bLOkZEQ==
Age: 3326

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2862
Expires: Fri, 09 Sep 2022 13:54:26 GMT
Date: Fri, 09 Sep 2022 13:06:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BLC2O7-N22RbqAHGA6hFMgQWc0rk5ghPta3THEHtlIIp7bJBmtgcXQ==
age: 33610
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 13:06:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 12:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 13:40:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N4vKgWoVKz5CYeDlKoJK47Kakmpj2oDQQGb_nmNhGJ2dbIlLNTBfww==
Age: 637

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5419
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 13:06:45 GMT
Last-Modified: Fri, 09 Sep 2022 11:36:26 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.208.34.131

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.34.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: abdQ4Xy/ft29h0CguZ6ccw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CF+wQUfVe3JmrxX+ssJYGggB194=

sensitivasarah.it/quam-quo/documents.zip

86.107.32.80

301 Moved Permanently

0 B

URL HTTP/1.1
sensitivasarah.it/quam-quo/documents.zip
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /quam-quo/documents.zip HTTP/1.1
Host: sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 13:06:44 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://sensitivasarah.it/quam-quo/documents.zip
Content-Length: 0
Keep-Alive: timeout=1, max=100
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65b82bbcc1706e347b895e686416acb7
ec0a20d109b0e19d61b15988f5fc60c91d0a7025
9d07307c802dc686c294ddbc4bcaac3272a54a1099a936295d575c9cfcd8e178

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D07307C802DC686C294DDBC4BCAAC3272A54A1099A936295D575C9CFCD8E178"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Sep 2022 19:06:45 GMT
Date: Fri, 09 Sep 2022 13:06:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14396
Expires: Fri, 09 Sep 2022 17:06:42 GMT
Date: Fri, 09 Sep 2022 13:06:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14396
Expires: Fri, 09 Sep 2022 17:06:42 GMT
Date: Fri, 09 Sep 2022 13:06:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14396
Expires: Fri, 09 Sep 2022 17:06:42 GMT
Date: Fri, 09 Sep 2022 13:06:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14396
Expires: Fri, 09 Sep 2022 17:06:42 GMT
Date: Fri, 09 Sep 2022 13:06:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg

34.120.237.76

200 OK

3.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.1 kB (3125 bytes)
Hash
0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 30832
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4532 bytes)
Hash
a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 51108
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8162 bytes)
Hash
09267c271a56ba4c2d4197543f264fac
67ae4acd88571da51b81fa7ed963b7f2a71845b4
906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 18:01:20 GMT
age: 68726
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7515 bytes)
Hash
60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:49 GMT
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
age: 55197
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6365 bytes)
Hash
cf8614d876156699bdf11897c45e9ae8
ff2c27cf141c68259e6e85020b01efc5d41730a6
c89d6a2fdc789fc725e8bac99774f9f9f0b22000f57d32f5611525bca30002d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: dc414175-8174-4fa8-812b-1f72de48d5f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRBYEt8oAMFmyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6208-1c2417b120725a9a0642620a;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lvOUBfECM7qlwpj9suDt1A4TRrvdYTsqOQGCNkf3pYYrIHHqZczRcg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:12:19 GMT
age: 53667
etag: "ff2c27cf141c68259e6e85020b01efc5d41730a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4002 bytes)
Hash
c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 54091
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sensitivasarah.it/quam-quo/documents.zip

86.107.32.80

301 Moved Permanently

0 B

URL HTTP/2
sensitivasarah.it/quam-quo/documents.zip
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /quam-quo/documents.zip HTTP/1.1
Host: sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.sensitivasarah.it/quam-quo/documents.zip
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 13:06:45 GMT
server: Apache
X-Firefox-Spdy: h2

cdn.iubenda.com/cs/tcf/stub-v2.js

104.66.117.233

200 OK

945 B

URL HTTP/2
cdn.iubenda.com/cs/tcf/stub-v2.js
IP
104.66.117.233:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (2215), with no line terminators
Size
945 B (945 bytes)
Hash
fb21d28d28f32c7cf54230a69350cd8a
723847374657326f4f86bffdab8a0de0eb43718f
5bc7119419ba8c66fa451ab0a136f3d6cfe6abb616572f41c59879d6c4e542a7

HTTP Headers

GET /cs/tcf/stub-v2.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: br
content-type: application/javascript
etag: "6318370a-3b1"
last-modified: Wed, 07 Sep 2022 06:15:38 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 945
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
expires: Fri, 09 Sep 2022 16:06:47 GMT
date: Fri, 09 Sep 2022 13:06:47 GMT
X-Firefox-Spdy: h2

cdn.iubenda.com/cs/iubenda_cs.js

104.66.117.233

200 OK

309 B

URL HTTP/2
cdn.iubenda.com/cs/iubenda_cs.js
IP
104.66.117.233:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (596)
Size
309 B (309 bytes)
Hash
449c62c2853d8598086de3d84d65fff6
1c2454aa41d5a8dc2ac43f2cd87f6a329d409c7f
b1676548f2425dc9669b8c2e9d4c6691534db3cefe3d37d537ec10d5c0ee8c79

HTTP Headers

GET /cs/iubenda_cs.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: br
content-type: application/javascript
etag: "6318370a-135"
last-modified: Wed, 07 Sep 2022 06:15:38 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 309
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
expires: Fri, 09 Sep 2022 16:06:47 GMT
date: Fri, 09 Sep 2022 13:06:47 GMT
X-Firefox-Spdy: h2

cdn.iubenda.com/cs/tcf/safe-tcf-v2.js

104.66.117.233

200 OK

42 kB

URL HTTP/2
cdn.iubenda.com/cs/tcf/safe-tcf-v2.js
IP
104.66.117.233:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (43703), with NEL line terminators
Size
42 kB (41870 bytes)
Hash
661d57d41a5b85342412250216936fac
e58f8fb2bd6fafac2b502dd9a79af43672156ac8
a9010a163b98dc06152587adb24849e9b22efafcfbef994d1b6368bfd716a584

HTTP Headers

GET /cs/tcf/safe-tcf-v2.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: br
content-type: application/javascript
etag: "6318370a-a38e"
last-modified: Wed, 07 Sep 2022 06:15:38 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 41870
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
expires: Fri, 09 Sep 2022 16:06:47 GMT
date: Fri, 09 Sep 2022 13:06:47 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 13:06:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-109814911-2

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-109814911-2
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
42 kB (41971 bytes)
Hash
98c2486b5282d3b65c068272e203eeaa
40466b162491c5c3f79e399ea878a4bd3e0a32d1
0795394f02a612887015cf67ececce60500d0148ed7008be962754e518773580

HTTP Headers

GET /gtag/js?id=UA-109814911-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 13:06:47 GMT
expires: Fri, 09 Sep 2022 13:06:47 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-853844490

142.250.74.72

200 OK

60 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-853844490
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1825)
Size
60 kB (60383 bytes)
Hash
9da182dfda795892bf71bd29326bee95
33708fd66ca2813d5c9433e02f2d679dd475610c
66f63947bee8b92a4e1eb9e5faefddba44ec7ce1bf2e9677c973812a7407711e

HTTP Headers

GET /gtag/js?id=AW-853844490 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 13:06:47 GMT
expires: Fri, 09 Sep 2022 13:06:47 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 60383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 13:06:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 13:06:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.iubenda.com/cookie_solution/iubenda_cs/1.41.0/core-it.js

104.66.117.233

200 OK

61 kB

URL HTTP/2
cdn.iubenda.com/cookie_solution/iubenda_cs/1.41.0/core-it.js
IP
104.66.117.233:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (65288), with no line terminators
Size
61 kB (60907 bytes)
Hash
3cf9ededcf84a86cb422a3990e289c4d
6b2b00b0c7d207597e21d3479d0c850075cfb976
190097e0437ce3588cdf80f74529e5612122ab3a5aa46191f37b2bfdf600aa5e

HTTP Headers

GET /cookie_solution/iubenda_cs/1.41.0/core-it.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: br
content-type: application/javascript
etag: "6318370a-edeb"
last-modified: Wed, 07 Sep 2022 06:15:38 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 60907
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
expires: Sat, 09 Sep 2023 13:06:47 GMT
date: Fri, 09 Sep 2022 13:06:47 GMT
X-Firefox-Spdy: h2

cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.18.1.js

104.66.117.233

200 OK

21 kB

URL HTTP/2
cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.18.1.js
IP
104.66.117.233:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (21449 bytes)
Hash
7cdd227fe3a5baf962da9ec0231cfb7a
e8af25033c00d14dd761c9650e7352d6332535ed
fd27d84444f51603aa7b5467c74f52196d39dd451385b427dee1588bfebbde4f

HTTP Headers

GET /cs/tcf/versions/tcf-v2-0.18.1.js HTTP/1.1
Host: cdn.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: br
content-type: application/javascript
etag: "6318370a-53c9"
last-modified: Wed, 07 Sep 2022 06:15:38 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 21449
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
expires: Sat, 09 Sep 2023 13:06:47 GMT
date: Fri, 09 Sep 2022 13:06:47 GMT
X-Firefox-Spdy: h2

www.iubenda.com/cookie-solution/confs/js/12435247.js

104.66.117.233

200 OK

154 B

URL HTTP/2
www.iubenda.com/cookie-solution/confs/js/12435247.js
IP
104.66.117.233:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
154 B (154 bytes)
Hash
f5eeaa03893a3f61ffe2f21d31448cb8
6761ad684a1e39b21de91e19f4497962029d0714
5e1d0fddabf29e114b2f21049fe9edbbf2d61aab48526f334e908212fe7d0dad

HTTP Headers

GET /cookie-solution/confs/js/12435247.js HTTP/1.1
Host: www.iubenda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 14:06:31 GMT
etag: "62bdade7-a3"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=63072000
content-encoding: gzip
content-length: 154
cache-control: max-age=86400
expires: Sat, 10 Sep 2022 13:06:47 GMT
date: Fri, 09 Sep 2022 13:06:47 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-includes/css/dist/block-library/style.min.css?ver=dd43f6a3c6eeea819153a4913d0293ae

86.107.32.80

200 OK

89 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-includes/css/dist/block-library/style.min.css?ver=dd43f6a3c6eeea819153a4913d0293ae
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (43771)
Size
89 kB (88932 bytes)
Hash
b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-includes/css/dist/block-library/style.min.css?ver=dd43f6a3c6eeea819153a4913d0293ae HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 12 Jul 2022 21:57:16 GMT
etag: "23e04b3-15b64-5e3a2c070c10e"
accept-ranges: bytes
content-length: 88932
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

86.107.32.80

200 OK

2.7 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text
Size
2.7 kB (2731 bytes)
Hash
e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 09:56:53 GMT
etag: "238054c-aab-5e79aa20a15e5"
accept-ranges: bytes
content-length: 2731
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.2.1

86.107.32.80

200 OK

58 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (58528)
Size
58 kB (58529 bytes)
Hash
16ef9fafa31c4ab6d170431ef2153c33
bd9051c9cf15b2968d2d5b7837ac5c32cb41ce9e
38be46aaa000896df8c89b3d6fc608efe575d822c4f4541cf7ad6b5069ce2879

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c012b-e4a1-5db4517df89c6"
accept-ranges: bytes
content-length: 58529
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-template-4.css?ver=2.3.2

86.107.32.80

200 OK

133 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-template-4.css?ver=2.3.2
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text
Size
133 B (133 bytes)
Hash
b1a6802240de9fffe6e3154d3db5f00e
6abb88729f219e7aea2ad00732a44a57ae915f33
5df3ece7ad87c5bc1eaf4a1fa32fb48d79494a1e0c34d9b19035318d564dd9c9

HTTP Headers

GET /nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-template-4.css?ver=2.3.2 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 14 Aug 2022 17:11:20 GMT
etag: "3182e77-85-5e6369aa0f999"
accept-ranges: bytes
content-length: 133
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-style.css?ver=2.3.2

86.107.32.80

200 OK

2.2 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-style.css?ver=2.3.2
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text
Size
2.2 kB (2240 bytes)
Hash
d340fa66180045701bcc935507963196
34b6bf380e2a1249329a34ec0f99030ed24161c4
b74b6accba723981a5a2d26fc97db8c31e62ca02aaab392120892d4f1ffb43ab

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-style.css?ver=2.3.2 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 14 Aug 2022 17:11:20 GMT
etag: "3182e78-8c0-5e6369aa0f999"
accept-ranges: bytes
content-length: 2240
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/fonts/fontawesome/fontawesome.min.css?ver=26.2.1

86.107.32.80

200 OK

59 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/fonts/fontawesome/fontawesome.min.css?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (58929), with no line terminators
Size
59 kB (58929 bytes)
Hash
e50a949a668d92a0dcedb41bd719fd3d
955f1b537db90c38ef07c6f219e4a61e3c49a2a3
ae20b5bbb2149fa3686fdb8059bd98678342a18b686b07aec425d4d575adac69

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/themes/betheme/fonts/fontawesome/fontawesome.min.css?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c0181-e631-5db4517dd66e5"
accept-ranges: bytes
content-length: 58929
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.2.1

86.107.32.80

200 OK

4.5 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text
Size
4.5 kB (4472 bytes)
Hash
e5462eb1094e15f13f6c01dafab314c0
c4b013175569e35cdba4cfb096d0a5429ff1e8b9
5469645f5b6fca336e0bf409452a8923cf22e50e7cdc3634fabdcab613e6552c

HTTP Headers

GET /nuovo/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 21:43:58 GMT
etag: "3340581-1178-5e81d35d08cec"
accept-ranges: bytes
content-length: 4472
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.2.1

86.107.32.80

200 OK

9.7 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (6505)
Size
9.7 kB (9711 bytes)
Hash
f81285dcfbad6bcd0ecfa031da4222ee
e285b4e561d9430bbcd567c04eef43a72eee691f
10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c0131-25ef-5db4517dfa907"
accept-ranges: bytes
content-length: 9711
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

86.107.32.80

200 OK

11 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

HTTP Headers

GET /nuovo/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 26 Nov 2021 09:24:18 GMT
etag: "23e0681-2bd8-5d1ada7c7f480"
accept-ranges: bytes
content-length: 11224
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/menu.min.js?ver=26.2.1

86.107.32.80

200 OK

1.4 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/menu.min.js?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (1355), with no line terminators
Size
1.4 kB (1355 bytes)
Hash
cafd8c8f960f42c045ed2c9ad088a4e9
fcc0747bac99b5a4f25fc3942316858a6341a996
964f977897216e7ebbab9c327111636f04f1ee5a3b71e7ad2ccde95947c5222d

HTTP Headers

GET /nuovo/wp-content/themes/betheme/js/menu.min.js?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c041c-54b-5db4517dd99ad"
accept-ranges: bytes
content-length: 1355
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1

86.107.32.80

200 OK

1.4 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text
Size
1.4 kB (1449 bytes)
Hash
b7e972de6771cf6b0563724cc21f8e66
2c25444e2f155e4953d2c593eeccaebce332bfd9
0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 01 Aug 2022 21:45:35 GMT
etag: "28608cc-5a9-5e534eb7b64cc"
accept-ranges: bytes
content-length: 1449
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.2.1

86.107.32.80

200 OK

1.8 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (1733)
Size
1.8 kB (1831 bytes)
Hash
6d1ef4ab8b112c1e2642e61424bd46b4
9fb2f893a18752e5123314c41c453636ec77e390
d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b

HTTP Headers

GET /nuovo/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c012c-727-5db4517df8dae"
accept-ranges: bytes
content-length: 1831
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/parallax/translate3d.min.js?ver=26.2.1

86.107.32.80

200 OK

1.5 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/parallax/translate3d.min.js?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (1547), with no line terminators
Size
1.5 kB (1547 bytes)
Hash
5c8cb1d0a58f99ab6221605b7f48077d
455e9c64098fd671742fb0e5780ea221280f3033
83467881c39820102485ac443699695dad60b4840427cc5e2a494243da5f5624

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/themes/betheme/js/parallax/translate3d.min.js?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c0425-60b-5db4517dd95c5"
accept-ranges: bytes
content-length: 1547
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/css/responsive.min.css?ver=26.2.1

86.107.32.80

200 OK

54 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/css/responsive.min.css?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (54006)
Size
54 kB (54007 bytes)
Hash
45952d4a52a433908fb3e081fb80fb94
747b33d84e2294123fd7952111fa4624e37a8275
8d60d485ffbdb4f149db2b68060dcbdc07a8b6be3058ab8a8a4b5a6f7ed59398

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/themes/betheme/css/responsive.min.css?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:22 GMT
etag: "23c0156-d2f7-5db4517d38b6f"
accept-ranges: bytes
content-length: 54007
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

86.107.32.80

200 OK

9.7 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (9680), with no line terminators
Size
9.7 kB (9680 bytes)
Hash
490c29d6776fc430c23403fd845b34b0
817129906b7fef1011895a76f047c7693a852e21
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

HTTP Headers

GET /nuovo/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 09:56:53 GMT
etag: "2380554-25d0-5e79aa20a219d"
accept-ranges: bytes
content-length: 9680
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19

86.107.32.80

200 OK

59 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
59 kB (59154 bytes)
Hash
aa4c7e30d0f121bf25a7f892dc618ea9
09dc35a42918427d0943cdf6c96805aeeed1664c
9435c8c132bbfd387d4b14f9e07d60c0ba7fb5a1eca2b49882f62b2ef113eee8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:42:38 GMT
etag: "23814f3-e712-5db44f899bdd8"
accept-ranges: bytes
content-length: 59154
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

86.107.32.80

200 OK

90 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 26 Nov 2021 09:24:18 GMT
etag: "23e0689-15db1-5d1ada7c7f480"
accept-ranges: bytes
content-length: 89521
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato%3A1%2C100%2C300%2C300italic%2C400%2C400italic%2C700%2C800%2C900&display=swap&ver=dd43f6a3c6eeea819153a4913d0293ae

142.250.74.10

200 OK

13 kB

URL HTTP/2
fonts.googleapis.com/css?family=Lato%3A1%2C100%2C300%2C300italic%2C400%2C400italic%2C700%2C800%2C900&display=swap&ver=dd43f6a3c6eeea819153a4913d0293ae
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
13 kB (12711 bytes)
Hash
2dd52195fc610e6952bf513cbbc80f69
17e5fb6edd3adafdb3adfa02f8fa062b90f3c35e
ea545ee512cfe9a9d1e0b811e021f231629d4014a6e13ad6221464f65882ecd2

HTTP Headers

GET /css?family=Lato%3A1%2C100%2C300%2C300italic%2C400%2C400italic%2C700%2C800%2C900&display=swap&ver=dd43f6a3c6eeea819153a4913d0293ae HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 13:06:47 GMT
date: Fri, 09 Sep 2022 13:06:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1

86.107.32.80

200 OK

12 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text, with very long lines (11760)
Size
12 kB (11937 bytes)
Hash
1d376be55e51aea00d432f6659d3e0d1
cc5b9f6fa12d0a90b38d3d6e918401c9ad26332b
34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Jun 2022 11:09:01 GMT
etag: "23e06d9-2ea1-5e12a15116ba1"
accept-ranges: bytes
content-length: 11937
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.3.2

86.107.32.80

200 OK

14 kB

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.3.2
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type
ASCII text
Size
14 kB (13605 bytes)
Hash
eeb610a9054bdae3ff02f0e3acfe9498
c5abd857449abe898d97632a422a855d49da338b
758b356507bb190929d99a7fe39cde5df1a3209ce15d4d466cf397f7c77d92ce

HTTP Headers

GET /nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.3.2 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 14 Aug 2022 17:11:20 GMT
etag: "3160e40-3525-5e6369aa0d671"
accept-ranges: bytes
content-length: 13605
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:42:38 GMT
etag: "2381519-1f725-5db44f89acb61"
accept-ranges: bytes
content-length: 128805
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.2.1

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nuovo/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c012f-cd61-5db4517dfb4bf"
accept-ranges: bytes
content-length: 52577
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/css/be.min.css?ver=26.2.1

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/css/be.min.css?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nuovo/wp-content/themes/betheme/css/be.min.css?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:22 GMT
etag: "23c0151-51089-5db4517d39b0f"
accept-ranges: bytes
content-length: 331913
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:47 GMT
content-type: text/css
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Jun 2022 11:09:01 GMT
etag: "23e069d-50eb-5e12a151167b9"
accept-ranges: bytes
content-length: 20715
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/quam-quo/documents.zip

86.107.32.80

404 Not Found

0 B

URL HTTP/2
www.sensitivasarah.it/quam-quo/documents.zip
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /quam-quo/documents.zip HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.sensitivasarah.it/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 13:06:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-includes/js/wp-emoji-release.min.js?ver=dd43f6a3c6eeea819153a4913d0293ae

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-includes/js/wp-emoji-release.min.js?ver=dd43f6a3c6eeea819153a4913d0293ae
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-includes/js/wp-emoji-release.min.js?ver=dd43f6a3c6eeea819153a4913d0293ae HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Jun 2022 11:09:01 GMT
etag: "23e05d8-48b9-5e12a15110228"
accept-ranges: bytes
content-length: 18617
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:42:38 GMT
etag: "238151a-5e6da-5db44f89ab7d9"
accept-ranges: bytes
content-length: 386778
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/scripts.min.js?ver=26.2.1

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/scripts.min.js?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nuovo/wp-content/themes/betheme/js/scripts.min.js?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c0420-b3da-5db4517dd9d95"
accept-ranges: bytes
content-length: 46042
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/plugins.min.js?ver=26.2.1

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/themes/betheme/js/plugins.min.js?ver=26.2.1
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nuovo/wp-content/themes/betheme/js/plugins.min.js?ver=26.2.1 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:51:23 GMT
etag: "23c041e-30a83-5db4517dd99ad"
accept-ranges: bytes
content-length: 199299
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/libraries/inputmask/jquery.inputmask.min.js?ver=5.0.6

86.107.32.80

200 OK

0 B

URL HTTP/2
www.sensitivasarah.it/nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/libraries/inputmask/jquery.inputmask.min.js?ver=5.0.6
IP
86.107.32.80:0
ASN
#52030 Server Plan S.r.l.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nuovo/wp-content/plugins/wordpress-whatsapp-support/assets/libraries/inputmask/jquery.inputmask.min.js?ver=5.0.6 HTTP/1.1
Host: www.sensitivasarah.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sensitivasarah.it/quam-quo/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 14 Aug 2022 17:11:20 GMT
etag: "3182e5d-16e88-5e6369aa0ede1"
accept-ranges: bytes
content-length: 93832
cache-control: max-age=15552000
expires: Wed, 08 Mar 2023 13:06:48 GMT
content-type: application/javascript
date: Fri, 09 Sep 2022 13:06:48 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP