{"report_id":"818333de-82ec-4faf-b079-17a4fedd8be6","version":6,"status":"done","tags":[],"date":"2025-10-08T22:28:51Z","url":{"schema":"http","addr":"vtmtrasporti.it/backoffice/","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.164.240.20","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"vtmtrasporti.it/login","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"title":"VTM"},"submit":{"url":{"schema":"http","addr":"vtmtrasporti.it/backoffice/","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.164.240.20","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-12T22:28:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"assets.vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"assets.vtmtrasporti.it","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-09-15","domain_rank":0,"first_seen":"2025-10-08T22:28:52.202789Z","last_seen":"2025-10-08T22:28:52.202789Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":431,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vtmtrasporti.it","ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-09-15","domain_rank":0,"first_seen":"2025-10-08T22:28:52.214995Z","last_seen":"2025-10-08T22:28:52.214995Z","alert_count":10,"request_count":10,"received_data":1070358,"sent_data":5027,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"PHP:8.3.25","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-05T22:12:06.373682Z","alert_count":0,"request_count":1,"received_data":15848,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":2,"received_data":98732,"sent_data":1110,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vtmtrasporti.it/build/105.84c840e1.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"10d18e36af2e2936f1753d49a970d6f8","sha1":"cee301ae9f388b10ebfde668e9553f9b77adbf35","sha256":"56b05d51cecccb33db8b215bbebd8f4ea6cd5c71db19129f8995f3a7eaa84634","sha512":"cc2b613036b67b36a68df2b108be1871a9725992f896b4bf127556e92e89be4d45889cd133abd8921737d6342bf13abd44f7a54859143dcadfe1fbc12bb6109d","ssdeep":"1536:t6jLMFVd0mEpHuVRpXTOR2t/B/SXHAJirakiuN20sKgsFSbsfdEghuuaqrr1rRFF:tgmhVRpdcz8IxdEghLZBrRD","tlshash":"2fc3c7497250b8760adb51a6913b030bf23a1958b54a806cb57cedde2d7dc89313bfbc","size":127815,"data":"","first_seen":"2025-10-08T22:28:56.839034Z","last_seen":"2025-10-08T22:28:56.839034Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/login","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"baf63a5566b9553553119dee37ecddbe","sha1":"da59651615f615a75341e25cae5b8035b746a641","sha256":"9d0a80c604b628e1686d61e85b15678701f9d66928f1332e444ec4c4eda1764f","sha512":"9c83e8dd4b19b22fd934b4f090473caa0c4613b092c3fffdafb8e83da9b8e60ab802ab9a5885bd8638ba12cbbde723ec7c801c03f648aca375c985fa506aa622","ssdeep":"","tlshash":"9f314b2561f299442d6770fe0bef8606a5f585034009ce04393d9b852fe4ee14a6476f","size":1730,"data":"","first_seen":"2025-10-08T22:28:56.842796Z","last_seen":"2025-11-11T19:38:38.522763Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/runtime.ff7d5b69.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc7779e8d9691eea0dfa33f1f0ba9db8","sha1":"b97618ed4d9ac3893a4aa4d07909519990ff7cc4","sha256":"1945bef0c8a600780fb8455d11fc36ea2bceee0c68d65429aa6aa8e12bac58e2","sha512":"6e1d2151a677085253a5088998edff889f7378071dbb325cc9dc8f9a4a9ed747a584b0b6a3b0829b8c0cf9e950f34561caa34c7bdbf0e26cda4bc0f3c55d6bf4","ssdeep":"","tlshash":"f921729432f0e4e52ba699c50a1f8047f212a533207ee5f2f717cc796868a960537ea1","size":1407,"data":"","first_seen":"2025-10-08T22:28:56.817524Z","last_seen":"2026-01-03T09:08:59.633661Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/restricted.070aa773.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f386757735d038d1f0748619de0a930d","sha1":"4a09247f54ab36fc40a0626483630b2de865fba6","sha256":"be25c8a8ecb482a2011f6d74aa62336142ee649e6d208599ac0029c8dfab76f7","sha512":"b4c35a221bef264209f48972f703680701f1d88e6cd347e2c27e7f58a449de694b9d421f482959f37cb9a51bb9617a82f4eec066f27f2359a5a58e656a402e75","ssdeep":"192:CHYIBPktICpgZ/wnhCaAVwV+nosUtVUeHYIBK9Y9g:mxCeIUwVgQtVUyK9Y9g","tlshash":"8b22b7487281f0f98bb765e150ef624bf1793915509ae4a4d3e1d8e0a8fcdda0273f1a","size":9961,"data":"","first_seen":"2025-10-08T22:28:56.824195Z","last_seen":"2025-10-08T22:28:56.824195Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/345.63e42ec2.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c8e30005e2e0a2d177ac78606c0eb96","sha1":"22f87fe709517b0c4a74b4a8376f29791d92c2ac","sha256":"dfbe78394d3aea045283a2936192eff811e8d2bc315cfc2b3db6c2bc24d94bdd","sha512":"17b2eb848ab5940351756f376811a9b3930acd013bb715a7654fb951092520568d01c5a3723f2b8036318070db18bc15c9bca1c57a229a7a4152f286e311c8e6","ssdeep":"6144:xMcfF3DYtOwp22GD3TEVxTjOP3NPzRUZmo2Tc4sdhGm3nxJAlAK9Qeq:xBdTYYHVD30sNPc4rFm3L2Zzq","tlshash":"aad4f7cd31c2b06267a771ba007f200bf23b5d59a80e8510f626d4e97c7994e927bf6d","size":615654,"data":"","first_seen":"2025-10-08T22:28:56.820855Z","last_seen":"2025-10-08T22:28:56.820855Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"assets.vtmtrasporti.it/","fqdn":"assets.vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.416Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: assets.vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"assets.vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/runtime.ff7d5b69.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /build/runtime.ff7d5b69.js HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 23\r\nlast-modified: Fri, 12 Sep 2025 16:26:27 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\ndate: Wed, 08 Oct 2025 22:28:04 GMT\r\netag: W/\"fc7779e8d9691eea0dfa33f1f0ba9db8\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 2-b41NNxSHF1RjT4dB_Y5j-8jSFDa57a6oBTk3F-GcDk-2m5i6Pwpg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1407,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1407), with no line terminators","md5":"fc7779e8d9691eea0dfa33f1f0ba9db8","sha1":"b97618ed4d9ac3893a4aa4d07909519990ff7cc4","sha256":"1945bef0c8a600780fb8455d11fc36ea2bceee0c68d65429aa6aa8e12bac58e2","sha512":"6e1d2151a677085253a5088998edff889f7378071dbb325cc9dc8f9a4a9ed747a584b0b6a3b0829b8c0cf9e950f34561caa34c7bdbf0e26cda4bc0f3c55d6bf4","ssdeep":"","tlshash":"f921729432f0e4e52ba699c50a1f8047f212a533207ee5f2f717cc796868a960537ea1","first_seen":"2025-10-08T22:28:56.817524Z","last_seen":"2026-01-03T09:08:59.633661Z","times_seen":4,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/345.63e42ec2.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /build/345.63e42ec2.js HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 23\r\ndate: Wed, 08 Oct 2025 22:28:04 GMT\r\nlast-modified: Fri, 12 Sep 2025 16:26:22 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\netag: W/\"1c8e30005e2e0a2d177ac78606c0eb96\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: fq8KsBb2hozH-WRoRwv2DNbNceu3nLuRavL7qK6oz5_B9biwFyuueg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":615654,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65466)","md5":"1c8e30005e2e0a2d177ac78606c0eb96","sha1":"22f87fe709517b0c4a74b4a8376f29791d92c2ac","sha256":"dfbe78394d3aea045283a2936192eff811e8d2bc315cfc2b3db6c2bc24d94bdd","sha512":"17b2eb848ab5940351756f376811a9b3930acd013bb715a7654fb951092520568d01c5a3723f2b8036318070db18bc15c9bca1c57a229a7a4152f286e311c8e6","ssdeep":"6144:xMcfF3DYtOwp22GD3TEVxTjOP3NPzRUZmo2Tc4sdhGm3nxJAlAK9Qeq:xBdTYYHVD30sNPc4rFm3L2Zzq","tlshash":"aad4f7cd31c2b06267a771ba007f200bf23b5d59a80e8510f626d4e97c7994e927bf6d","first_seen":"2025-10-08T22:28:56.820855Z","last_seen":"2025-10-08T22:28:56.820855Z","times_seen":1,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/restricted.070aa773.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /build/restricted.070aa773.js HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 23\r\ndate: Wed, 08 Oct 2025 22:28:04 GMT\r\nlast-modified: Fri, 12 Sep 2025 16:26:27 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\netag: W/\"f386757735d038d1f0748619de0a930d\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: RHjQb1YhEttq-novE8IcQ3XcaYi3paLkw67JXcZN9jAKpPabIV9x0Q==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9961,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9959), with no line terminators","md5":"f386757735d038d1f0748619de0a930d","sha1":"4a09247f54ab36fc40a0626483630b2de865fba6","sha256":"be25c8a8ecb482a2011f6d74aa62336142ee649e6d208599ac0029c8dfab76f7","sha512":"b4c35a221bef264209f48972f703680701f1d88e6cd347e2c27e7f58a449de694b9d421f482959f37cb9a51bb9617a82f4eec066f27f2359a5a58e656a402e75","ssdeep":"192:CHYIBPktICpgZ/wnhCaAVwV+nosUtVUeHYIBK9Y9g:mxCeIUwVgQtVUyK9Y9g","tlshash":"8b22b7487281f0f98bb765e150ef624bf1793915509ae4a4d3e1d8e0a8fcdda0273f1a","first_seen":"2025-10-08T22:28:56.824195Z","last_seen":"2025-10-08T22:28:56.824195Z","times_seen":1,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"54:09:EF:2E:96:03:5C:86:DF:F0:DA:AC:A6:7A:0D:35:49:4E:68:90","sha256":"0E:84:83:07:1D:C1:46:17:EB:EA:2F:15:CE:88:56:D2:FF:9E:AE:31:D2:C3:FC:DA:00:24:46:48:43:CD:11:1F"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Oct 2025 22:28:26 GMT\r\ndate: Wed, 08 Oct 2025 22:28:26 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15162,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"cd46912baf19b9fe32c8e6a6320bcaf9","sha1":"08ee007e9656ed41ffbabdb06701a3895bfa0094","sha256":"92a04c9ec1ae41b88f1eda4e7c4d74ffea87294a25c63c0fcdd7472dd82f1035","sha512":"33912fabd74bd7afee0c49ddd4b89161dfc7939fabb2ac6a75b9a5b4fd3e745fcdb6a4dda2ba6ddef3c9177f4ac972ff43239bc2f1af456c7530e7b981510b9e","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kc:8KYXuM0p2+g7r","tlshash":"3f628892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-11T14:17:01.635764Z","last_seen":"2026-04-04T09:35:02.976076Z","times_seen":2307,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":156,"dns":1,"connect":7,"send":0,"wait":19,"receive":0,"ssl":146},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://vtmtrasporti.it\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 08 Oct 2025 17:22:44 GMT\r\nexpires: Thu, 08 Oct 2026 17:22:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 18342\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-04T11:49:36.492347Z","times_seen":133063,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":103,"dns":1,"connect":15,"send":0,"wait":22,"receive":12,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/assets/img/favicon/android-icon-192x192.png","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /assets/img/favicon/android-icon-192x192.png HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: application/xml\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver: AmazonS3\r\ndate: Wed, 08 Oct 2025 22:28:26 GMT\r\nx-cache: Error from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-id: zh6lXcF_1TZyqys3tnmhLmApm3wHL0Rbbg1r9C9CUNTuUizjIOzoPg==\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text","md5":"b6c792c0f58fa3ec92173c074885221f","sha1":"0dde8fd9111d807e202b2fb37f8bcc4052fd861e","sha256":"a824bc7739e226e1b40ea0f8c4e4f4c6f796fc3b4abfa6e9abe3bd119a30d938","sha512":"83c8b765edcc44f6aaf19445881c315239095b4ac90e9bb85716084db9b9ec75f74876b49340cbaf5ae8d173e517af9eaf82e628d1d32090cd0b4ac8a5d08875","ssdeep":"","tlshash":"51b09201b208a82a19514e3a373cf110e310593102c426a8aa96a88317828914d08325","first_seen":"2025-01-13T10:02:12.3839Z","last_seen":"2026-04-04T10:14:45.609472Z","times_seen":4688,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/backoffice/","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-08T22:28:25.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /backoffice/ HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 362\r\nlocation: https://vtmtrasporti.it/login\r\ndate: Wed, 08 Oct 2025 22:28:26 GMT\r\nx-amzn-remapped-date: Wed, 08 Oct 2025 22:28:25 GMT\r\nx-amzn-requestid: bc6252e7-c329-4c31-b12e-8c7aa7c4a100\r\nset-cookie: PHPSESSID=2844b6e31e27aed914a58710c3065310; path=/; secure; httponly; samesite=lax\r\nx-amz-apigw-id: SJjNnE8UDoEEHAQ=\r\ncache-control: max-age=0, must-revalidate, private\r\nexpires: Wed, 08 Oct 2025 22:28:25 GMT\r\nx-powered-by: PHP/8.3.25\r\nx-amzn-trace-id: Root=1-68e6e589-7ff8e5756ea9d3176cf2fd42;Parent=46903ce5b58df4c4;Sampled=0;Lineage=1:c8d5095c:0\r\nvia: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront), 1.1 42964aaabd797233b1d1e846aea4d0f8.cloudfront.net (CloudFront)\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1, OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: ts-rbTB8zoeHz3fOyPYUT7GA7gfekb6BED7wHP7wnfSqVnr4FAx88w==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"PHP:8.3.25","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":7637,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":885,"timings":{"blocked":288,"dns":23,"connect":1,"send":0,"wait":309,"receive":0,"ssl":262},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/login","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-08T22:28:26.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nvia: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront), 1.1 42964aaabd797233b1d1e846aea4d0f8.cloudfront.net (CloudFront)\r\ndate: Wed, 08 Oct 2025 22:28:26 GMT\r\nx-amzn-remapped-date: Wed, 08 Oct 2025 22:28:26 GMT\r\nx-amzn-requestid: 950eb65c-f8c3-4308-9f54-5bf51d9134e6\r\nx-amz-apigw-id: SJjNpFDHDoEEBxg=\r\ncache-control: max-age=0, must-revalidate, private\r\nexpires: Wed, 08 Oct 2025 22:28:26 GMT\r\nx-powered-by: PHP/8.3.25\r\nx-amzn-trace-id: Root=1-68e6e58a-05ae3acf7afd86b949e92df1;Parent=022616e33de74046;Sampled=0;Lineage=1:c8d5095c:0\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1, OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: mu0-aAWueET0Y8ChWfIPIA8qGtGh15jUNBN72S7MwxmF8RYs1Yv8iQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"PHP:8.3.25","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":7637,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"78ea9cd4223978ec6070c6127934f06d","sha1":"35759a0961f422489fe6f3829bced7b9aada136c","sha256":"324c3cf95a88ffb190db8d79c3cde1b945c13e2a5355a8f9321668a6fda71498","sha512":"79b0cf7063adfdea61c1fac84c5ebfbfee6f80a7d560490ace4b6a5f6b53772b0549da15a984283210ff3aeddbe1b0042d14bd53373d9b88b9d9f9acea75cd06","ssdeep":"96:nuNlU6qSN8LIkZoJ4eKSG2YvKw/AecwToyiD:iq6dN8ckZo/K0jec7yiD","tlshash":"72f1721114f088151623b0e86fa69609d6e2d607cb5b8e0471fe4b892ff6e914e6327b","first_seen":"2025-10-08T22:28:56.835105Z","last_seen":"2025-10-08T22:28:56.835105Z","times_seen":1,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/restricted.545fa46c.css","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /build/restricted.545fa46c.css HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 23\r\ndate: Wed, 08 Oct 2025 22:28:04 GMT\r\nlast-modified: Fri, 12 Sep 2025 16:26:27 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\netag: W/\"e0aa6bee3574f3ccf090a6b21c66256b\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 4bduKg_NOIVAMdk3xJr8cKwkMsAexjluqho9ZIulSuMToIFt3yB9Dg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":260991,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46212)","md5":"e0aa6bee3574f3ccf090a6b21c66256b","sha1":"5ee15125cd104990db6780a0b3982ca818655aaa","sha256":"3fc755e792678da916529ac1c8f552892734779f227b1a07029c8097dcc38594","sha512":"fa5bcb952c1d356e80a288e24a19ed63d149afc5359913504a02b099f607ba73ac1c73922a536c9f6085f32a3c9ee0abe2518a5a55ed81dcd374ffe2706fba54","ssdeep":"3072:YcmX9tfw6sJNLiHlqEpje60I4DnZoPkjMDm8:YcmX9tfwpJlFEpje60I4DnZoPNm8","tlshash":"ab44a3d6f690307daca7c1459695befd862fa585db110aa6f007736807cabd30923ecc","first_seen":"2025-10-08T22:28:56.836889Z","last_seen":"2025-10-08T22:28:56.836889Z","times_seen":1,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/105.84c840e1.js","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /build/105.84c840e1.js HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 23\r\ndate: Wed, 08 Oct 2025 22:28:04 GMT\r\nlast-modified: Fri, 12 Sep 2025 16:26:22 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\netag: W/\"10d18e36af2e2936f1753d49a970d6f8\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: n49BGKCbq6MfZhHLSsJHjExM0fOsopl3Re-2i29vTaRo-NB4VOqH3A==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":127815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65466)","md5":"10d18e36af2e2936f1753d49a970d6f8","sha1":"cee301ae9f388b10ebfde668e9553f9b77adbf35","sha256":"56b05d51cecccb33db8b215bbebd8f4ea6cd5c71db19129f8995f3a7eaa84634","sha512":"cc2b613036b67b36a68df2b108be1871a9725992f896b4bf127556e92e89be4d45889cd133abd8921737d6342bf13abd44f7a54859143dcadfe1fbc12bb6109d","ssdeep":"1536:t6jLMFVd0mEpHuVRpXTOR2t/B/SXHAJirakiuN20sKgsFSbsfdEghuuaqrr1rRFF:tgmhVRpdcz8IxdEghLZBrRD","tlshash":"2fc3c7497250b8760adb51a6913b030bf23a1958b54a806cb57cedde2d7dc89313bfbc","first_seen":"2025-10-08T22:28:56.839034Z","last_seen":"2025-10-08T22:28:56.839034Z","times_seen":1,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://vtmtrasporti.it\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 08 Oct 2025 17:22:44 GMT\r\nexpires: Thu, 08 Oct 2026 17:22:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 18342\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-04T11:49:36.492347Z","times_seen":133063,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":93,"dns":1,"connect":15,"send":0,"wait":15,"receive":21,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/assets/img/favicon/favicon-16x16.png","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /assets/img/favicon/favicon-16x16.png HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: application/xml\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver: AmazonS3\r\ndate: Wed, 08 Oct 2025 22:28:26 GMT\r\nx-cache: Error from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-id: dM62aZiV3gYTbZhO6W6sIZvT562KY599VCC5DU88l6W18L-an0OgJQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text","md5":"b6c792c0f58fa3ec92173c074885221f","sha1":"0dde8fd9111d807e202b2fb37f8bcc4052fd861e","sha256":"a824bc7739e226e1b40ea0f8c4e4f4c6f796fc3b4abfa6e9abe3bd119a30d938","sha512":"83c8b765edcc44f6aaf19445881c315239095b4ac90e9bb85716084db9b9ec75f74876b49340cbaf5ae8d173e517af9eaf82e628d1d32090cd0b4ac8a5d08875","ssdeep":"","tlshash":"51b09201b208a82a19514e3a373cf110e310593102c426a8aa96a88317828914d08325","first_seen":"2025-01-13T10:02:12.3839Z","last_seen":"2026-04-04T10:14:45.609472Z","times_seen":4688,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vtmtrasporti.it/build/345.293cb41b.css","fqdn":"vtmtrasporti.it","domain":"vtmtrasporti.it","tld":"it"},"ip":{"addr":"3.167.2.129","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vtmtrasporti.it/login","date":"2025-10-08T22:28:26.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vtmtrasporti.it","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"89:12:BC:D2:5A:77:06:15:56:A8:17:3C:8B:68:08:AB:82:34:02:BE","sha256":"DD:33:57:D0:FC:41:34:07:E7:D1:F6:1F:07:D9:87:B5:92:FC:88:02:08:06:89:08:43:96:41:6D:A8:1C:F2:0A"}}},"request":{"raw":"GET /build/345.293cb41b.css HTTP/1.1\r\nHost: vtmtrasporti.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vtmtrasporti.it/login\r\nCookie: PHPSESSID=2844b6e31e27aed914a58710c3065310\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 23\r\nlast-modified: Fri, 12 Sep 2025 16:26:22 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\ndate: Wed, 08 Oct 2025 22:28:04 GMT\r\netag: W/\"6b4592e8a9cd4823961ddf82a5947330\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: W1n4GBYlZ7nHv_JkyXARD0TZuc8ftBa1WXf7TF2l6qtGwqUUHZRdoA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":33486,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13533)","md5":"6b4592e8a9cd4823961ddf82a5947330","sha1":"6b79e1c8df833e217cb3e5c1a7dd08c09199e252","sha256":"dadb2af36dd2a37163c970326860bfbb11fee483ff40bd637e9f3c94d64e5979","sha512":"1ed51718715f0f71d4aef39d13e503089c53065876819f98d9f9277dd0e05fe9cf44d78252e3922f3222c0e520ca49cee84084217f6954f0c7c30e1e0038e908","ssdeep":"384:DkUJwam2ukG6y2C8vSc7nfZBhVflU237Q0clSaRmR3LKBld1eGblg9qyVAaFV:IUJHm2ukG6y2C8hBhnqgH","tlshash":"32e265716083252efe33c23050e16ef8912bc205fd925ebde09af69956e68f4857bd70","first_seen":"2025-10-08T22:28:56.840533Z","last_seen":"2025-10-14T15:34:02.619576Z","times_seen":2,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vtmtrasporti.it","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}