jqr.psicologoroma.lazio.it/
104.21.49.108 200 OK 6.3 kB URL User Request GET HTTP/2 jqr.psicologoroma.lazio.it/
IP 104.21.49.108:443
Certificate Issuer Google Trust Services LLC
Subject psicologoroma.lazio.it
Fingerprint 7F:9B:CB:52:33:5F:E7:F0:98:A4:BC:B9:01:60:4C:01:D4:74:5D:77
Validity Wed, 24 May 2023 09:03:15 GMT - Tue, 22 Aug 2023 09:03:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6654), with no line terminators
Hash bd6c2a8d1bf801df09cf558149896ef4
30777b9189dfb0e61e15387dea592f3c07d91a56
cf699e46d92f6a6cb3be3697d8c4cecffaa7cdb00d35f81f225bc0ce700e9a03
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: jqr.psicologoroma.lazio.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 16:28:16 GMT
content-type: text/html; charset=UTF-8
set-cookie: antibot_uid=7c488d85daecc2bf18f4f49ac0fc0392; expires=Tue, 28-May-2024 16:28:16 GMT; Max-Age=31536000; path=/
antibot_country=NO; expires=Thu, 08-Jun-2023 16:28:16 GMT; Max-Age=864000; path=/
antibot_lang=en; expires=Thu, 08-Jun-2023 16:28:16 GMT; Max-Age=864000; path=/
antibot_ptr=s919042154.blix.com; expires=Thu, 08-Jun-2023 16:28:16 GMT; Max-Age=864000; path=/
x-robots-tag: noindex
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
link: <https://antibotcloud.com/antibot7.php>; rel=dns-prefetch
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSTkcmUF44t%2BHEGFIFZIAdtMIqZ1n4oaelfFXRXfYEKfQGAdoVDFw%2F4r%2B99i4Iy8kB1SBdXaCFwRtC72Y11UN2ejBVEQlBIbgaV7xNh%2ByA5cdCIGteAWgb1BWf5viCzuzCST%2B44wkBWYJG65XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf01c09ae31b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
antibotcloud.com/antibot7.php
188.114.97.1 200 OK 13 B URL POST HTTP/2 antibotcloud.com/antibot7.php
IP 188.114.97.1:443
Requested by https://jqr.psicologoroma.lazio.it/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 86:63:A6:F6:44:54:1F:35:37:4C:3C:C7:E4:A8:C6:76:82:03:93:9B
Validity Fri, 21 Oct 2022 00:00:00 GMT - Sat, 21 Oct 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 5c4574a44f4bf7f3182c54196a07ca7d
105d72e5960cb824dcd1c28e1106c109d4371a6e
cdac7c5f2417fa82236003401e02fc42fc757c42e0d1f3177e5ec291998024ad
POST /antibot7.php HTTP/1.1
Host: antibotcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded;
Content-Length: 311
Origin: https://jqr.psicologoroma.lazio.it
DNT: 1
Connection: keep-alive
Referer: https://jqr.psicologoroma.lazio.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 16:28:16 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
vary: Accept-Encoding
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAtDduIqa9R8FP9WtjJdJAkuufwhGBSxZSUd7rWOsTIvgo9ebbukTSjkOSGhEgchrMrFDfCWPVCwXF2%2FyLSgAR%2FnJHvEbPpVHkbX2IH27hTqP2WuoOT3muCzu8V%2FLV0kcFwX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf01c0d2e0fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
jqr.psicologoroma.lazio.it/favicon.ico
104.21.49.108 200 OK 23 kB URL GET HTTP/3 jqr.psicologoroma.lazio.it/favicon.ico
IP 104.21.49.108:443
Requested by https://jqr.psicologoroma.lazio.it/
Certificate Issuer Google Trust Services LLC
Subject psicologoroma.lazio.it
Fingerprint 7F:9B:CB:52:33:5F:E7:F0:98:A4:BC:B9:01:60:4C:01:D4:74:5D:77
Validity Wed, 24 May 2023 09:03:15 GMT - Tue, 22 Aug 2023 09:03:14 GMT
File type MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Hash 5ce0167c6fdc85c76015b498256f47fd
b293005c6bba3d4cc57ba207f865d1ad5d07a5fe
7623ba1b33d9a292896967f0f58b6eb30aac246b20281936fe346cc727686ea9
GET /favicon.ico HTTP/1.1
Host: jqr.psicologoroma.lazio.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jqr.psicologoroma.lazio.it/
DNT: 1
Connection: keep-alive
Cookie: antibot_uid=7c488d85daecc2bf18f4f49ac0fc0392; antibot_country=NO; antibot_lang=en; antibot_ptr=s919042154.blix.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 16:28:17 GMT
content-type: image/x-icon
last-modified: Mon, 13 Mar 2023 17:27:32 GMT
etag: W/"640f5d04-5b57"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4Rq0uOJ%2BvAPTa09yKeVqGTHvFDJg1LL2A01xztZVnGAo5G3WE9OJHMLf6II5FApbhUdYwDiA8Oj0tEliUzOiQ6UDOV%2F7hVj6t2lWcUOPzuY4oSVZB9FEqSAOjiCLDYqNUPZJhMZhrqvo0gCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf01c0d6a780afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400