santorotto.it/
46.37.14.198 301 Moved Permanently 162 B IP 46.37.14.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 06:00:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4034
Expires: Mon, 05 Dec 2022 07:08:13 GMT
Date: Mon, 05 Dec 2022 06:00:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2368
Cache-Control: max-age=104986
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:00:59 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:10:45 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 05:20:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2446
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15927
Expires: Mon, 05 Dec 2022 10:26:26 GMT
Date: Mon, 05 Dec 2022 06:00:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XXHcMdWD3ynbXXEGD7a+wljiEwZIb7O5bQe0ghNs0sGD0onVRc+AWSg3K5TMJxzG+z8HjvV7I0M=
x-amz-request-id: MX95V69M17N77ZNW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 05:47:17 GMT
age: 822
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:00:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddeea63af59296fc6cca9c0f57157ee4
485830814b03d9d7658b279839023e4bddb760a3
e8ca721d169471dae30eda3d8edc4682b61c54175692d7ab7053dfde7335c8c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8CA721D169471DAE30EDA3D8EDC4682B61C54175692D7AB7053DFDE7335C8C9"
Last-Modified: Sun, 04 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21502
Expires: Mon, 05 Dec 2022 11:59:22 GMT
Date: Mon, 05 Dec 2022 06:01:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 05:08:58 GMT
cache-control: public,max-age=3600
age: 3122
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2323
Cache-Control: max-age=99874
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:01:00 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:45:34 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.190.4 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A4XGaWvZGwsK+lijspPnog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iUiouXhOh/kRXbNhbovv4u7DiTM=
santorotto.it/wp-content/themes/betheme/style.css?ver=21.1.4
46.37.14.198 200 OK 663 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/style.css?ver=21.1.4
IP 46.37.14.198:0
Hash 8aaa8dbde849976dc8919c4ad64f4a85
be9700dba0a4a5be1a94796f792b566a1b0fa1ec
fb7c88c38c9e28d11b8119953f93f033727f27031c166a010c4c9348f2cb2177
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/style.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"15e-5a0a82255f579"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png
46.37.14.198 200 OK 267 B URL HTTP/2 santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png
IP 46.37.14.198:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9c6287bdf64843201af93ff1afbfac6c
a31d1f6a6dc624c02a6e7767bd9d5ad894c7cddb
85d05871f6315412de38a72c7164fd4917efba135ba06ed9972c502c1fd811ff
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/png
content-length: 267
x-accel-version: 0.01
last-modified: Thu, 12 Mar 2020 13:14:45 GMT
etag: "10b-5a0a822fae877"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.1.4
46.37.14.198 200 OK 4.8 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.1.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (58508), with no line terminators
Hash 97f344e2b4f4cfe9c53eeb6b0af1a5dd
b24aa7e6fb26658682f679326cd628b1af10ad0e
ed1ead19aa1adeaa9eecfe4607a2d4d9b49470f61d982bba8bd2da8101a86d4c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-e48c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
IP 46.37.14.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 06:01:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
IP 46.37.14.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 06:01:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
IP 46.37.14.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2015/02/hotel_about.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 06:01:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
santorotto.it/wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg
IP 46.37.14.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 06:01:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg
santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
IP 46.37.14.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/05/SANTOROTTO-logo.png HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 06:01:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-camera.jpg
46.37.14.198 200 OK 247 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-camera.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x1301, components 3\012- data
Size 247 kB (247013 bytes)
Hash b092ec371c3252723ef97d7d9bfe1e05
437290840b33d3e0cf2945454f3a73973a9fb16c
d1a0fb36e1ee99362526fa758398723fdfc0d7a8c5383ccee3953d42ea03c454
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-camera.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/jpeg
content-length: 247013
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-3c4e5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
46.37.14.198 200 OK 600 B URL HTTP/2 santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 46.37.14.198:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/png
content-length: 600
x-accel-version: 0.01
last-modified: Thu, 12 Mar 2020 13:14:45 GMT
etag: "258-5a0a822fa407e"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-colazione.jpg
46.37.14.198 200 OK 490 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-colazione.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x1254, components 3\012- data
Size 490 kB (490345 bytes)
Hash 40ea30adefa4abcccf44e872e4e6649c
ab2b24e7c86f44b5097d1d22338b105277bcfa8b
9b67aa5e374d543b1d32529772f020c6d11eaa935b6a63d632f8d3f8d1ff0975
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-colazione.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/jpeg
content-length: 490345
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-77b69"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-ingresso-reception.jpg
46.37.14.198 200 OK 456 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-ingresso-reception.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x1350, components 3\012- data
Size 456 kB (455537 bytes)
Hash 25c1b9467605b6a24837ebd17d9e4de1
419d1e8741bc32d9b63423f7887fe802b4e8278b
4fdb0954cfd81df01b004f3bce64f9f7fae2ac1960f36479fc7a2f5577aed33a
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-ingresso-reception.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/jpeg
content-length: 455537
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-6f371"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:01:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.1
46.37.14.198 200 OK 19 kB URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.1
IP 46.37.14.198:0
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash 22eb3cfc66ed10fe3edd088ad2c82ed7
e8205774df7f7a3a8c72230940db29d784a0b2a6
1cf52320ede9d88f6fc98e68be79a9c12e43339f2ba04af7b76e4ee50047d37c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-5d17"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:01:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
46.37.14.198 200 OK 17 kB URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (2927)
Hash 5046ae8f1440f5097350b5581bb02401
38c81aff7ca6ab018c82fcb42d8a68dfd7c960ce
d70e3002d791df8dd00c001250f429829e129466ba24242aa1d1622630ed6b7a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-c46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:01:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
46.37.14.198 200 OK 15 kB URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (6603)
Hash 01b17eb1edab5ed00c6986bde4d689a7
af47282a374b8f4814f66310ec6f20e8ae33c6eb
40a69edec118852cd0a8c9374a8451fd13bf23c1a7e3768b2167574a54a047f5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-1aab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
46.37.14.198 200 OK 18 kB URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (8339)
Hash d7872c91b8495b7f390c76ae3717c700
026c9ce4d9f093476c4f1e383b36945b553a254b
7064a9aef3b2bfda3d401ce0902986a76657d7787ad894d20b1c79329351cd08
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-2172"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
46.37.14.198 200 OK 21 kB URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (11799)
Hash 1e955bd8db1be18c625415baf1bac9b3
f3779b1f2f469ad8ccb0a746ca91883a4b6b127b
8e13bbb8a56ed7673faae644d857522b15bcc75cd117c5e7c43538216fe61fde
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-2eec"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/base.css?ver=21.1.4
46.37.14.198 200 OK 92 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/base.css?ver=21.1.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (464)
Hash e9045406705c0876e9cbbee0097d0c4e
37c81b9e9ef55cb9280730fdd8f5fa0d34454b50
7111dc6b7c7b69905c844ad580e75c724af9c29a2f41dfaade81706882d0a5e4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/base.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-da6b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
46.37.14.198 200 OK 18 kB URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
IP 46.37.14.198:0
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash 76885f250d0f1213d5fc6ad7ee16f56f
abb696617810863ae3127e42b18ab3e3adf568dd
c3ddd39bf67f06df9689e8f2e8e722f6c2f51acb96d8b0e5e9f284202192e3ad
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-fdb5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
46.37.14.198 200 OK 37 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x350, components 3\012- data
Hash 3800acd50b0dc79731a57b9ad3636772
4a93117f7e7b41a343b9e13eb2d646e4f64f3101
6acdb94bb64876c94ca9938af147bd17b423d9115bce70193e0e7969d34bae18
GET /wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/jpeg
content-length: 36818
last-modified: Thu, 12 Mar 2020 13:14:36 GMT
etag: "5e6a35bc-8fd2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.1
46.37.14.198 200 OK 96 kB URL HTTP/2 santorotto.it/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.1
IP 46.37.14.198:0
Hash ee13f1d7c26d8fa85c844e87873d5aa4
5bd317e6e5bbf05e09d5b31499fd27b6f779236b
0394833deef79a255ad5d605563f3abf8586b62fce104263a8775a218bd156c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:27 GMT
etag: W/"5e6a35b3-553f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.1.4
46.37.14.198 200 OK 97 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.1.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (365)
Hash 61e5ab491e7856e7ca951fadf333285a
41dc91ddff39cb323454b995d8438762f1a4640c
14cddf2f5f1f2c3c7de94adc54c8887af1efa9a3eec6f32b1a732ea385371d22
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-48eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d744382.1918873474!2d11.193374576926434!3d43.21488080542298!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x132be1ad3e70e70d%3A0x6770b4ccd7c74897!2sHotel+Santorotto!5e0!3m2!1sit!2sit!4v1558702609816!5m2!1sit!2sit
142.250.74.132 200 OK 1.4 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d744382.1918873474!2d11.193374576926434!3d43.21488080542298!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x132be1ad3e70e70d%3A0x6770b4ccd7c74897!2sHotel+Santorotto!5e0!3m2!1sit!2sit!4v1558702609816!5m2!1sit!2sit
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2426)
Hash 433c37aa60a53eb20974abb2926ed505
11b52a50b5420937ad98faeabcf005dfe1aa26c0
cdb4a5ca0d48110fad8c15ac3d4ad2f5bccf087ceffa3144770ce4dc7df93d79
GET /maps/embed?pb=!1m18!1m12!1m3!1d744382.1918873474!2d11.193374576926434!3d43.21488080542298!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x132be1ad3e70e70d%3A0x6770b4ccd7c74897!2sHotel+Santorotto!5e0!3m2!1sit!2sit!4v1558702609816!5m2!1sit!2sit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 06:01:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JOMPhgNQpesG7BiDfQIh_g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1361
x-xss-protection: 0
server-timing: gfet4t7; dur=190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/responsive.css?ver=21.1.4
46.37.14.198 200 OK 102 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/responsive.css?ver=21.1.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (612)
Size 102 kB (102142 bytes)
Hash 9c1370b905df82a757577764c684f8ff
ec9b6dc6fb4cbe4831299c51c4953383a830f985
0725df5a599ec0ffeaf11c3acc40c01bb60eade8390421bec8d7041f63afe386
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/responsive.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-dceb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
46.37.14.198 200 OK 9.7 kB URL HTTP/2 santorotto.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 46.37.14.198:0
File type ASCII text, with very long lines (9959)
Hash cadf76547e3661ac8cb59f256e8eda8f
ccc37a522bc66050b7624dfd3d0c5da0e057efd4
8cf249dcdc25235ceb8d63d98d49d8168207f6120be5652771e2786742aab16a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:43 GMT
etag: W/"5e6a35c3-2748"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:01:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-content/themes/betheme/images/favicon.ico
46.37.14.198 200 OK 5.4 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/images/favicon.ico
IP 46.37.14.198:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 9d1b031ca1395a94a6886087e245cb7b
f3f85d209c8f92593b568197814f0f0fcee45ad7
b47275b5b6878455d8937e95b32301f17c3caf0a233be8e864e9dc07493806f1
GET /wp-content/themes/betheme/images/favicon.ico HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: "5e6a35b9-1536"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
46.37.14.198 200 OK 64 kB URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 46.37.14.198:0
File type ASCII text, with very long lines (28818), with CRLF line terminators
Hash cb84e30b4c717f0ee2438292c446eb05
5afa28090b367f16e6c8da2a9dc329e64e58278c
8a049fad04e830db4f2a4fe0988e1d75f060961c2c8382f1167bd8f36e14165a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://santorotto.it/
Cookie: cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-718e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.1
46.37.14.198 200 OK 4.4 kB URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.1
IP 46.37.14.198:0
Hash 3ef33a7295456b6dca866eacec40322c
bb5a34e74e0202656c4d64faa54a5325318b0017
070923ff044ee7f08002710db40dfafd61fbcd04d629601e8b808d706565ad49
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-583f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/
46.37.14.198 200 OK 22 kB IP 46.37.14.198:0
File type HTML document, ASCII text, with very long lines (36614)
Hash 9bad6f1d73fe120f47de94dba8393781
035526c38d658bc1527661d96ecaa896c7d3d141
14b73910fb6f14d6a22e4cfd528e2106a57ecd87a674f402229450b6eba32153
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14401
Expires: Mon, 05 Dec 2022 10:01:03 GMT
Date: Mon, 05 Dec 2022 06:01:02 GMT
Connection: keep-alive
santorotto.it/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.1
46.37.14.198 200 OK 4.2 kB URL HTTP/2 santorotto.it/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.1
IP 46.37.14.198:0
Hash 9d0875a2fc52b0a10392311719acd6f1
9f049519bae438e270320a69b6d9b5c8da3206fc
4b369b9ca75b799cf65b9a258bafe65a124259a5a268672f2b9e885dc58f4e55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:27 GMT
etag: W/"5e6a35b3-5c22"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14401
Expires: Mon, 05 Dec 2022 10:01:03 GMT
Date: Mon, 05 Dec 2022 06:01:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:17:03 GMT
age: 6239
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c36448c65274ebbe1eb21e3bf02385e
e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28
6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kYXmy10msfeWdDYgvq0PXyGpy9UJyQkSLAhR_Q5PQMllJPXOOTnalw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:53 GMT
age: 29709
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50eeb012f0903f0848c8afcd6b26a7ec
ff7740d3c12ce7ab23291272221c0d9503f9c139
f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dl8jhq0YETppiEYYnJeap1IgU8-xFLAUnsleTdG1EZMwZfHmDaQQQg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:25:28 GMT
age: 9334
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
santorotto.it/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
46.37.14.198 200 OK 9.2 kB URL HTTP/2 santorotto.it/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
IP 46.37.14.198:0
File type ASCII text, with very long lines (25245), with no line terminators
Hash 43b79abdb50e9ebf99786f1434df9561
5fc4811f8398013698db28e346a74baa119b41eb
8afda26cff88dc8d19c7a62bd6425e541b1f559c79428d47c9829256e68195c8
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-629d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 28681
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vhtd0Bo5kTQySEn0vD_RJin0usoC7GQvK74fhVtrtZNEy64_vrWQNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 29716
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
46.37.14.198 200 OK 79 kB URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
IP 46.37.14.198:0
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 037b228d17ed16160147c0d63c37eb42
24166264fef998ed2c3e1e4e2b1e04e02241d36a
3a13f1e5a4da434d9109b041ef3415b0a4e971bc3a949b7ca50ca7c0cb712c75
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-9b8c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/assets/loader.gif
46.37.14.198 200 OK 2.5 kB URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 46.37.14.198:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
Cookie: cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:02 GMT
content-type: image/gif
content-length: 2545
last-modified: Thu, 12 Mar 2020 13:14:30 GMT
etag: "5e6a35b6-9f1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
46.37.14.198 200 OK 76 kB URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
IP 46.37.14.198:0
File type HTML document, ASCII text, with very long lines (24607)
Hash 44f87c7fd63113ca35ed25d42abfeeb3
80314bb2822ec96a9ff56e6701bf6a824bcccb7b
8f9837dcc6a8f9e48e48ce5819e8ab4a161e1f012066156961cd8681651e08fa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-60fc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 383227
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 29045
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-1228"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A1%2C100%2C300%2C400%2C400italic%2C700%7CPatua+One%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=5.1.15
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A1%2C100%2C300%2C400%2C400italic%2C700%7CPatua+One%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=5.1.15
IP 142.250.74.74:0
GET /css?family=Roboto%3A1%2C100%2C300%2C400%2C400italic%2C700%7CPatua+One%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=5.1.15 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 06:01:01 GMT
date: Mon, 05 Dec 2022 06:01:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.1
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.1
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-1e970"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 46.37.14.198:0
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-f59"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-1afe4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:43 GMT
etag: W/"5e6a35c3-17a69"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/wp-embed.min.js?ver=5.1.15
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/wp-embed.min.js?ver=5.1.15
IP 46.37.14.198:0
GET /wp-includes/js/wp-embed.min.js?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-56f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-71e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/shortcodes.css?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/shortcodes.css?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/shortcodes.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-2171e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/menu.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/menu.js?ver=21.1.4
IP 46.37.14.198:0
GET /wp-content/themes/betheme/js/menu.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-98d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/comment-reply.min.js?ver=5.1.15
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/comment-reply.min.js?ver=5.1.15
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-870"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-1cb35"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business.jpg
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business.jpg
IP 46.37.14.198:0
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: image/jpeg
content-length: 437857
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-6ae61"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-2eaf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/layout.css?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/layout.css?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/layout.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-1ca47"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/scripts.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/scripts.js?ver=21.1.4
IP 46.37.14.198:0
GET /wp-content/themes/betheme/js/scripts.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-10971"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-266a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/plugins.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/plugins.js?ver=21.1.4
IP 46.37.14.198:0
GET /wp-content/themes/betheme/js/plugins.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-2f7c3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 06:01:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-cd96"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2