amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
192.135.27.157301 Moved Permanently 401 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
IP 192.135.27.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8eb6135785ba4643bcee389ee461c054
0a52fb4418348af993e1f2948ebb7a5aa7665c6b
49dbb0a7002b3c3fece072980c277e91bf3ec86b7cf8ac53264bb31fc1c5ecb0
Analyzer Verdict Alert fortinet Malware
GET /index.php/performance/itemlist/category/54-piano-della-performance HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 21 Nov 2022 18:36:06 GMT
Server: Apache
Location: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Content-Length: 401
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3450
Expires: Mon, 21 Nov 2022 19:27:50 GMT
Date: Mon, 21 Nov 2022 18:30:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5836
Cache-Control: max-age=149893
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:30:20 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 12:08:33 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 18:09:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1264
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4437
Expires: Mon, 21 Nov 2022 19:44:17 GMT
Date: Mon, 21 Nov 2022 18:30:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hDsOSRJw5qg+9iwgmvZpXRVnIoUhnn2u886gRIF7N6c2Fb6mA+68OFP+Y3tYiwuaq/RTsNP5X+g=
x-amz-request-id: RRZKMZEPKYAYXR7D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 17:42:12 GMT
age: 2888
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:30:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
geant.ocsp.sectigo.com/
104.18.32.68200 OK 728 B IP 104.18.32.68:0
Hash 9a0cf2c71c0e213fa058c746b793e63f
73e1d02ca081ce310104993b5afd4a25f4ef049a
d4b6d1e236f1b93d3609cd0cc691b5ddf65555508d8c863701d39f719d833229
POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:30:20 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 17:50:50 GMT
Expires: Fri, 25 Nov 2022 17:50:49 GMT
Etag: "73e1d02ca081ce310104993b5afd4a25f4ef049a"
Cache-Control: max-age=342628,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76db7ef98807b4ed-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 18:08:47 GMT
cache-control: public,max-age=3600
age: 1293
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 889
Cache-Control: max-age=139883
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:30:20 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 09:21:43 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
192.135.27.157200 OK 15 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
IP 192.135.27.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30341), with CRLF, CR, LF line terminators
Hash 8277b07d8dacb60eef4aa55f6eb8307c
9ff5f49c0c811c04db11b24595b34333a0e40d2e
260e7ec346ae373114a812fb5f0da8f6640858f38901cd45365006eedc207409
Analyzer Verdict Alert fortinet Malware
GET /index.php/performance/itemlist/category/54-piano-della-performance HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:07 GMT
Server: Apache
Set-Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1; path=/; HttpOnly
X-Logged-In: False
X-Content-Powered-By: K2 v2.7.1 (by JoomlaWorks)
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Mon, 21 Nov 2022 18:36:07 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 14663
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
amministrazionetrasparente.gssi.it/media/k2/assets/css/k2.fonts.css?v2.7.1
192.135.27.157200 OK 2.8 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/k2/assets/css/k2.fonts.css?v2.7.1
IP 192.135.27.157:0
File type ASCII text, with very long lines (3266)
Hash 6b8a54041a1695037c68bb5363497762
103972ec360ccf80f3014b1a944425392ad36e32
d67bf71768060e97371e272125de110a858654532f37d141e5ee29109f5ade93
Analyzer Verdict Alert fortinet Malware
GET /media/k2/assets/css/k2.fonts.css?v2.7.1 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:44 GMT
ETag: "306a-56c50c5268220-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 2760
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amministrazionetrasparente.gssi.it/templates/protostarplus/css/template.css
192.135.27.157200 OK 24 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/templates/protostarplus/css/template.css
IP 192.135.27.157:0
File type troff or preprocessor input, ASCII text
Hash 14a2cbaf594c0513a8f4a413f6691390
74db1e493865088ef012097e5fb7e50734494c4d
2b08639d4176a40602ccf8a258ede521dc96a7b48597ae3beb2705a5d0797d74
GET /templates/protostarplus/css/template.css HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 Aug 2017 14:53:20 GMT
ETag: "26d89-556e00e8da460-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 24518
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
amministrazionetrasparente.gssi.it/plugins/content/responsive-tables/responsive-tables.css
192.135.27.157200 OK 485 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/plugins/content/responsive-tables/responsive-tables.css
IP 192.135.27.157:0
Hash 455bffd9a1fefe944bb1971884bd5db3
238fc1aaeb1528a34212e8d629c813c316145d40
c3644ee5048a8cbbdfeb27e0d8aeac9916f16eda6b04fad0cd108278aabd4a1e
GET /plugins/content/responsive-tables/responsive-tables.css HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2017 09:30:25 GMT
ETag: "4fd-54bb2fe3df340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 485
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
amministrazionetrasparente.gssi.it/components/com_k2/css/k2.css?v2.7.1
192.135.27.157200 OK 8.9 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/components/com_k2/css/k2.css?v2.7.1
IP 192.135.27.157:0
File type assembler source, ASCII text
Hash 0462dad98371fdb6628c40ac45a3ceda
9c704fb51fbc09767895a4010f35906b81abf8ea
2fe2c0084fcc9b460c56d96de0eafdc3dd4df1b036e477f0cf46d5cbe9d6a08d
Analyzer Verdict Alert fortinet Malware
GET /components/com_k2/css/k2.css?v2.7.1 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Tue, 14 Mar 2017 09:06:43 GMT
ETag: "c869-54aad259366c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 8852
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.css
IP 104.17.25.14:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 7dc55ce153193497e76e3a148ffc80cd
d6a36e23c8470c3fd3136a86c429ffd8eb1c051d
2cb71236c6e9992854cc8ac9c65d140ccfa3d7172f0bc19ac7bfeace68e499fd
GET /ajax/libs/font-awesome/4.6.3/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 18:30:21 GMT
content-type: text/css; charset=utf-8
content-length: 5565
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-893e"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14501847
expires: Sat, 11 Nov 2023 18:30:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv2EVMXacLlQUMmUN8DO2ACPN58Qmcm9Or0QbWD4UjSffYtMfYCVFTzKpN2lQJsbp9Ui1tz6PkRmPE55CiUSSdFtg2Hm0F5Xdtf%2BDOTVU2Je%2FS3bTTRzHkcxq226RA%2FfNK0bMJkX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76db7efeabe10b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
amministrazionetrasparente.gssi.it/plugins/system/ns_fontawesome/fontawesome/css/font-awesome.css
192.135.27.157200 OK 7.4 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/plugins/system/ns_fontawesome/fontawesome/css/font-awesome.css
IP 192.135.27.157:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 57a8ee32de25312ab303210ef3c556a9
388f783ee7c84801442370bf8d3812213a1198f5
8bdd62fda01c7b19a4d2ee31cfb4d2fc6123a958cb23bf902c9fead7fc6a9c0d
GET /plugins/system/ns_fontawesome/fontawesome/css/font-awesome.css HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 15 Mar 2017 09:29:01 GMT
ETag: "9226-54ac193299240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 7439
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
amministrazionetrasparente.gssi.it/templates/protostarplus/css/font-awesome.min.css
192.135.27.157200 OK 6.2 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/templates/protostarplus/css/font-awesome.min.css
IP 192.135.27.157:0
File type ASCII text, with very long lines (27303)
Hash f14f185447db679e05c7b381ec56b6a9
f3e14686cab8519fd93955410d5b281ae86d6e69
26c6be13c6ab47c65829a0584e5c8af70013edb222abb8eb94f5a92bb7702863
GET /templates/protostarplus/css/font-awesome.min.css HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 Aug 2017 14:53:20 GMT
ETag: "6b4a-556e00e8d3700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 6243
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
amministrazionetrasparente.gssi.it/modules/mod_accordeonck/themes/simple/mod_accordeonck_css.php?cssid=accordeonck106
192.135.27.157200 OK 485 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_accordeonck/themes/simple/mod_accordeonck_css.php?cssid=accordeonck106
IP 192.135.27.157:0
Hash 3a12350fd2d7842b159be6b420d0f9fb
9a6b1bc0929ca2175c44b5dc728d2f4b44a02b37
7a9dca3a890d61bb0ce8e2604089480909ff267dcaf292e759242ff5ee0d64e0
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_accordeonck/themes/simple/mod_accordeonck_css.php?cssid=accordeonck106 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 485
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
amministrazionetrasparente.gssi.it/modules/mod_datetime/tmpl/default.css
192.135.27.157200 OK 332 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_datetime/tmpl/default.css
IP 192.135.27.157:0
Hash c9baecd05cd9ea80f87ed129097585f2
90eae9f82bac687d255c2297cd325826d3302347
8d07b83cbe638ed374e4d4b1d2ea7dedd4b1a24b5176eaea9a38b1e7a2a9f63e
GET /modules/mod_datetime/tmpl/default.css HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Thu, 28 Sep 2017 09:10:59 GMT
ETag: "252-55a3c496504c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 332
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Open+Sans
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.10:0
Hash 7fb67f48afa3fde58176d065949a1128
0641c96c23710661861aaccd64b113921bc1874a
f364cc83a9567cfa279f5f9449d88f70feeccaa7a9077f7ed6c1117b502009e2
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 21 Nov 2022 18:30:21 GMT
date: Mon, 21 Nov 2022 18:30:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amministrazionetrasparente.gssi.it/modules/mod_jf_mobilemenu/assets/jf_mm.min.css
192.135.27.157200 OK 1.3 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_jf_mobilemenu/assets/jf_mm.min.css
IP 192.135.27.157:0
File type ASCII text, with very long lines (3717), with CRLF line terminators
Hash 11c2363fb4882fa12830bf9e4f7d356b
2036948ef46f4e3d7be9481e3f5249fa7878e329
2893d32fcf1540bf65954764421a43ff380aecd4fb9a624e870cbf56b0ce7362
GET /modules/mod_jf_mobilemenu/assets/jf_mm.min.css HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Thu, 28 Sep 2017 07:50:52 GMT
ETag: "fb9-55a3b2adc0d60-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 1273
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
54.148.213.75101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tdfZhKij/8G/XSSQaTPkDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kvUwPP6+XKvTQnSi+5SkcjPgQx8=
amministrazionetrasparente.gssi.it/media/jui/js/jquery-noconflict.js
192.135.27.157200 OK 21 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/jui/js/jquery-noconflict.js
IP 192.135.27.157:0
Hash e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery-noconflict.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:14 GMT
ETag: "15-56c50c35af980"
Accept-Ranges: bytes
Content-Length: 21
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/media/jui/js/jquery-migrate.min.js
192.135.27.157200 OK 4.0 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/jui/js/jquery-migrate.min.js
IP 192.135.27.157:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery-migrate.min.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:14 GMT
ETag: "2748-56c50c35ada40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 4014
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/media/k2/assets/js/k2.frontend.js?v2.7.1&sitepath=/
192.135.27.157200 OK 2.6 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/k2/assets/js/k2.frontend.js?v2.7.1&sitepath=/
IP 192.135.27.157:0
Hash a5e4cbedc0ede8ebcb926aa05dd81bdc
881f27c3d90235ece925b5d25ef66d6e1d8d48ed
6d7b4b83323e566b99c4f24d802eaaa6673dcd4327aeaffdd84f724ccf85042a
GET /media/k2/assets/js/k2.frontend.js?v2.7.1&sitepath=/ HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:45 GMT
ETag: "24f3-56c50c533ff40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 2627
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/media/jui/js/bootstrap.min.js
192.135.27.157200 OK 7.7 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/jui/js/bootstrap.min.js
IP 192.135.27.157:0
File type ASCII text, with very long lines (29002)
Hash fc8b97507794f272cffac61360a304c0
9ea0634a66aec33fa44b92c71fc09c9fbb37b3d9
1004988d51baf8a1b7a14bd468fc219ecb180644a1baa36076dcb09c440bef19
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/bootstrap.min.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:14 GMT
ETag: "71e4-56c50c357cd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 7701
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/templates/protostarplus/js/template.js
192.135.27.157200 OK 577 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/templates/protostarplus/js/template.js
IP 192.135.27.157:0
Hash 12700cb78b7baa4e9b55914f827f6248
27d16179e6b85e2ca20e004c881783f31fb87d32
678a058f3dac8c1c0566703029df803818c92ac6a7cf964f59be2db3c77b49e7
Analyzer Verdict Alert fortinet Malware
GET /templates/protostarplus/js/template.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 Aug 2017 14:53:20 GMT
ETag: "53c-556e00e8f0bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 577
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/media/jui/js/jquery.min.js
192.135.27.157200 OK 34 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/jui/js/jquery.min.js
IP 192.135.27.157:0
File type ASCII text, with very long lines (32077)
Hash 90af67e8fd4d5ab0d104b28b82a5f9e3
0172e38010ebd25ebcb3f0a4094be0e20f72ac48
971b268c15450ab1dded5c1e8e7875660b086b2ca6c45a31ddfa82486b1d06d3
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery.min.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:14 GMT
ETag: "17b8b-56c50c35c60e0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 33760
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/media/jui/js/jquery.ui.core.min.js
192.135.27.157200 OK 7.6 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/jui/js/jquery.ui.core.min.js
IP 192.135.27.157:0
File type ASCII text, with very long lines (20988)
Hash b12e89f1de64367008d57a8abc897bf5
05595c6fe91274d05980362ac86b643db0bc83e2
995908fbef28487d752c6e45b4e297193736c7a65077ee2764c99c606ba90390
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery.ui.core.min.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:14 GMT
ETag: "52de-56c50c35ed1e0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 7580
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/mod_accordeonck.js
192.135.27.157200 OK 1.9 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/mod_accordeonck.js
IP 192.135.27.157:0
File type ASCII text, with very long lines (1838)
Hash 00a5fdbf1d34eb5ea054c01b85ccda75
4c2f4f2f4dde984bcaa046674edb1b21b525e402
0629db72687523ad41231e9dac04130cd5969b5065861d33d13769263cfa0004
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_accordeonck/assets/mod_accordeonck.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Mon, 13 Mar 2017 11:31:35 GMT
ETag: "125e-54a9b0dc5b3c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 1887
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/jquery.easing.1.3.js
192.135.27.157200 OK 2.9 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/jquery.easing.1.3.js
IP 192.135.27.157:0
File type Unicode text, UTF-8 text, with very long lines (1830)
Hash 275466cea17c99d3d400f624b75995f3
65c9c2c086a6cc7887f4cf6654e84553ecd47f94
95b6fa32a44c28a96fb99a02c83dca930ebea66768c1d86e95ff97cd6ed4e785
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_accordeonck/assets/jquery.easing.1.3.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Mon, 13 Mar 2017 11:31:35 GMT
ETag: "26c4-54a9b0dc5b3c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 2940
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/media/system/js/html5fallback.js
192.135.27.157200 OK 2.4 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/system/js/html5fallback.js
IP 192.135.27.157:0
File type Unicode text, UTF-8 text, with very long lines (6524), with no line terminators
Hash d43e8dddec43b5186ad1bfc836d5af98
79d82d33a759e8dd410d269ce20f7bd686a8154e
51ccd88320ecd916393e6e5d7b05d7a6ccdde19d7a64ce67cc5943c6174bdc9b
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/html5fallback.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:31 GMT
ETag: "1980-56c50c4649980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 2367
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/modules/mod_jf_mobilemenu/assets/jquery.jf_multilevelpushmenu.min.js
192.135.27.157200 OK 6.4 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_jf_mobilemenu/assets/jquery.jf_multilevelpushmenu.min.js
IP 192.135.27.157:0
File type ASCII text, with very long lines (26656)
Hash 8935ec75308b2654f3998b5d7080ba37
568b42a1e8af06ff9101d985e9f854509572c06b
b8647afdf907bc5c794c5918e34e28ff3bc7c3bd8b2cfc314ebd92c996f7364d
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_jf_mobilemenu/assets/jquery.jf_multilevelpushmenu.min.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Thu, 28 Sep 2017 07:50:52 GMT
ETag: "6930-55a3b2ad92f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 6373
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/modules/mod_jf_mobilemenu/assets/jf_mm.min.js
192.135.27.157200 OK 2.0 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_jf_mobilemenu/assets/jf_mm.min.js
IP 192.135.27.157:0
File type ASCII text, with very long lines (3925), with CRLF line terminators
Hash d5ee146327ab4c1ed2657910a90689af
071f1b4a30a7f63cc7fc7944ee1360dc2b480e76
cdaccef941228291e4b6c83b3239aeee8b40ef392eea45c5c40e7bf4ba7a39b3
Analyzer Verdict Alert fortinet Malware
GET /modules/mod_jf_mobilemenu/assets/jf_mm.min.js HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Thu, 28 Sep 2017 07:50:52 GMT
ETag: "1089-55a3b2ad92f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 2000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
amministrazionetrasparente.gssi.it/images/logo-gssi-new.png
192.135.27.157200 OK 24 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/images/logo-gssi-new.png
IP 192.135.27.157:0
File type PNG image data, 280 x 103, 8-bit/color RGBA, non-interlaced\012- data
Hash 79859467c0232136f09ac0ec57f5dae2
8bc0d68c029164b2d5f7e2c25b3ff288479e927a
25d8ef79d77f90544884c05ea219e9707a3a29eca2ab07f13023e1ead4af619a
GET /images/logo-gssi-new.png HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Mon, 13 Mar 2017 11:15:35 GMT
ETag: "5ec8-54a9ad4979460"
Accept-Ranges: bytes
Content-Length: 24264
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
amministrazionetrasparente.gssi.it/media/system/images/arrow.png
192.135.27.157200 OK 107 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/system/images/arrow.png
IP 192.135.27.157:0
File type PNG image data, 9 x 9, 8-bit/color RGB, non-interlaced\012- data
Hash fabb7d983ab5d85e40a4cac217434f91
0f1affe3748426e03504d98b01f30eb402f70fa4
1f52c94170d531a2e706e6eba721d81bffc13847e1873592f729ff49acf58d4b
GET /media/system/images/arrow.png HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:30 GMT
ETag: "6b-56c50c4516f40"
Accept-Ranges: bytes
Content-Length: 107
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/plus.png
192.135.27.157200 OK 794 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/plus.png
IP 192.135.27.157:0
File type PNG image data, 8 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f8805b66e1269db2018c0f9eb66c373
64f64fa121d2fe1b5a4a83e7a78582a4c57ef4ce
d7e7b9a803fb37ed56024380ca8547c29fba12b30bed5366e2913a90fc0c782f
GET /modules/mod_accordeonck/assets/plus.png HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Tue, 14 Mar 2017 09:22:16 GMT
ETag: "31a-54aad5d278d00"
Accept-Ranges: bytes
Content-Length: 794
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amministrazionetrasparente.gssi.it/media/jui/fonts/IcoMoon.woff
192.135.27.157200 OK 25 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/jui/fonts/IcoMoon.woff
IP 192.135.27.157:0
File type Web Open Font Format, CFF, length 25424, version 1.0\012- data
Hash 910a8fd387e6c5ac62dbe014dc131960
78d797741e92a0fb3094ad076dfd0ae8f1c36713
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d
Analyzer Verdict Alert fortinet Malware
GET /media/jui/fonts/IcoMoon.woff HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/templates/protostarplus/css/template.css
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:13 GMT
ETag: "6350-56c50c34c3440"
Accept-Ranges: bytes
Content-Length: 25424
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/font-woff
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amministrazionetrasparente.gssi.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:53:39 GMT
expires: Tue, 14 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 603402
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amministrazionetrasparente.gssi.it/templates/protostarplus/fonts/fontawesome-webfont.woff2?v=4.5.0
192.135.27.157404 Not Found 338 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/templates/protostarplus/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 192.135.27.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0f618967c23961536d7390ad63b60449
6bbe4dd70be29f280ddb41b7f25400fa7c7b7d8f
528cde7be790e2a0f85cbbfebae8c5b5b5dcf7e7053289e8673b142198667a72
Analyzer Verdict Alert fortinet Malware
GET /templates/protostarplus/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/templates/protostarplus/css/font-awesome.min.css
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Content-Length: 338
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amministrazionetrasparente.gssi.it/media/k2/assets/fonts/Simple-Line-Icons.ttf?v=2.2.2
192.135.27.157200 OK 53 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/media/k2/assets/fonts/Simple-Line-Icons.ttf?v=2.2.2
IP 192.135.27.157:0
File type TrueType Font data, 11 tables, 1st "OS/2", 18 names, Macintosh, type 1 string, simple-line-icons\012- data
Hash b2892aa62b0fb2c21c8d7700e2ef6e56
acb3e2b0f5ba11b8e4e43b7f73223ec048054861
937e59152189ecedb8688efcd8b927fc40d43b5c5225a05a25f4cf537ad8ca7c
Analyzer Verdict Alert fortinet Malware
GET /media/k2/assets/fonts/Simple-Line-Icons.ttf?v=2.2.2 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/media/k2/assets/css/k2.fonts.css?v2.7.1
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 11:10:44 GMT
ETag: "d078-56c50c52af6c0"
Accept-Ranges: bytes
Content-Length: 53368
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/font-sfnt
amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/minus.png
192.135.27.157200 OK 726 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/modules/mod_accordeonck/assets/minus.png
IP 192.135.27.157:0
File type PNG image data, 8 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cfdbf58a381e034ea47f241e9d114f4
2914e6e8d41fe9e79ebbe2fc8caeb7abf45637a2
3be59d29896f8ce9eb4cf59c144a6dbc49294236c49d1f8d836ecb02a316a2ef
GET /modules/mod_accordeonck/assets/minus.png HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Tue, 14 Mar 2017 09:22:14 GMT
ETag: "2d6-54aad5d131aa0"
Accept-Ranges: bytes
Content-Length: 726
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
amministrazionetrasparente.gssi.it/templates/protostarplus/favicon.ico
192.135.27.157200 OK 3.3 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/templates/protostarplus/favicon.ico
IP 192.135.27.157:0
File type MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel\012- data
Hash 37158999fb6153343bfa9d780ce9dc45
3d5105e0cc860a82126b1a16fe85751821b1bf1a
f4c5cd601571f3d810c52febae2d78875228dc20dfe6e852ef3122ccd7a4ef74
GET /templates/protostarplus/favicon.ico HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/index.php/performance/itemlist/category/54-piano-della-performance
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Fri, 15 Feb 2019 11:48:43 GMT
ETag: "cbe-581ed5b6291a0"
Accept-Ranges: bytes
Content-Length: 3262
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
amministrazionetrasparente.gssi.it/templates/protostarplus/fonts/fontawesome-webfont.woff?v=4.5.0
192.135.27.157404 Not Found 337 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/templates/protostarplus/fonts/fontawesome-webfont.woff?v=4.5.0
IP 192.135.27.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6b1de1aa03c1c40a80bfffd9b73cf8e8
282b93700745d6690fe548f30c48573d7a78013a
ff71f7a808accd73d92999974bee5e6cf2ecad041f02d680e5a82edea85aa762
GET /templates/protostarplus/fonts/fontawesome-webfont.woff?v=4.5.0 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/templates/protostarplus/css/font-awesome.min.css
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Content-Length: 337
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
amministrazionetrasparente.gssi.it/templates/protostarplus/fonts/fontawesome-webfont.ttf?v=4.5.0
192.135.27.157404 Not Found 336 B URL HTTP/1.1 amministrazionetrasparente.gssi.it/templates/protostarplus/fonts/fontawesome-webfont.ttf?v=4.5.0
IP 192.135.27.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1294a192f55f2c6200ac56927b210363
c1e23bd8cc7b478978beff3412d78977d3b21cc1
b66ae2ce18b4e3c10e08aef780fb31570120af4b676a55055c3d4b4cd708c0ed
Analyzer Verdict Alert fortinet Malware
GET /templates/protostarplus/fonts/fontawesome-webfont.ttf?v=4.5.0 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/templates/protostarplus/css/font-awesome.min.css
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Content-Length: 336
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
amministrazionetrasparente.gssi.it/plugins/system/ns_fontawesome/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
192.135.27.157200 OK 77 kB URL HTTP/1.1 amministrazionetrasparente.gssi.it/plugins/system/ns_fontawesome/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 192.135.27.157:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /plugins/system/ns_fontawesome/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: amministrazionetrasparente.gssi.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://amministrazionetrasparente.gssi.it/plugins/system/ns_fontawesome/fontawesome/css/font-awesome.css
Cookie: 598a2a9f48b2b45b808aebb4c77ff7c7=mnm7pass3ls5hgapsduoruhig1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 18:36:08 GMT
Server: Apache
Last-Modified: Wed, 15 Mar 2017 09:29:01 GMT
ETag: "12d68-54ac1932982a0"
Accept-Ranges: bytes
Content-Length: 77160
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21154
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:30:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21154
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:30:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21154
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:30:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: PkFAourr7ixQ5NYcdMugerMxFTdCLgIAaBz6erANuppgzE2Tm4yVpA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 22:34:27 GMT
age: 71755
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 05:19:29 GMT
age: 47453
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96135f96986369533c0362367c1e6fd8
bc8b0612b79cb30817880fac9728318f837854b4
f4eab133baf21daae8b809966e8ffbe64a2414fd334538a226a2a39ab39c3d46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5045
x-amzn-requestid: 93295168-385b-4b26-92e0-65858db59541
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0PgfGfVoAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377f936-7d3d9e44191051f454bd53ca;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:29:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hYkfj6mcRyzHioX7RAjvhpITDBX_CXLhum92tHz6ilGAY2C0fNi48g==
via: 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 08:37:09 GMT
age: 35593
etag: "bc8b0612b79cb30817880fac9728318f837854b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 901093397261ec8888c61a6c88f8b7cd
1f07e8182159f68134776366e0bea78a130c5b85
9982e83a02d1595431c397a00a0a339067681fdbcb7538ca40ffd7138c7aa9f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11271
x-amzn-requestid: 144705ac-0cc1-46ba-a6a9-3942bf3c9433
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b61qlFriIAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9ca9-27e45603577195a2769b3fc3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qql-MEI9tkdxS-lGdnkBCB8h39ZgJBi7ODA2TMUYn8kqEjP8AjMCZg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:50:50 GMT
age: 74372
etag: "1f07e8182159f68134776366e0bea78a130c5b85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a8070a1aa0d48b75c639fa24eec3d96
14a81b4e2bdcdcdd951aa6660dc640c0292a2109
70b29ce3872a0c46d8d0e61f2801df1a98c8ea6e516adb1c2fe1bdad35f654f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 02203d7e-e15a-40d8-a09e-c40299c6f332
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bu2bSH6xoAMF1FA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375d114-79f15fbc1c64941e54c6d5e3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 06:13:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YHoIX9fgjqNaOq_84IdURDMNigg62C8616_qky56Xx7ok4LJvvqEfw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 12:54:30 GMT
age: 20152
etag: "14a81b4e2bdcdcdd951aa6660dc640c0292a2109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79ccaf63b8e37223509518f540b26f54
fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71
950ae082472515d39c9e3440cee399376e99840651ff04c4d2581951e44163de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9653
x-amzn-requestid: 43209d37-210a-4339-a6ba-9fb26349e6fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZkHXqoAMFZog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-66898b374a984c1b409c28ad;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eswxmUa59R-4pum8RNXKrKJg6g6tn17CnOpe4LZUPgEbvxfp9MzeDg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:41:31 GMT
age: 74931
etag: "fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2