info.ciampinobus.com/
185.136.89.218301 Moved Permanently 162 B IP 185.136.89.218:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 26 Mar 2023 06:18:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://info.ciampinobus.com/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20821
Expires: Sun, 26 Mar 2023 12:05:19 GMT
Date: Sun, 26 Mar 2023 06:18:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8020
Expires: Sun, 26 Mar 2023 08:31:58 GMT
Date: Sun, 26 Mar 2023 06:18:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Mar 2023 06:15:33 GMT
content-type: application/json
age: 165
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15138
Expires: Sun, 26 Mar 2023 10:30:36 GMT
Date: Sun, 26 Mar 2023 06:18:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: L8y8PDVDOfi1l16hoOH5dc1Z71HMBOEDKp81Ip5IvHUzCNYTSRjDrT8MzZLmEOaFFCdadDiuuGc=
x-amz-request-id: 1WCFE7KZY9P19TRB
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Mar 2023 05:55:12 GMT
age: 1386
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:18 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Mar 2023 06:17:24 GMT
age: 55
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cfb742f711e722fb971fe73409f4614
600458073c6c0346db3d51421d7a40df2e4ed209
aebf1a5a0a529d233b1763a0e6557d22501e4157098f4f65ef24868922df5f84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEBF1A5A0A529D233B1763A0E6557D22501E4157098F4F65EF24868922DF5F84"
Last-Modified: Thu, 23 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Sun, 26 Mar 2023 12:18:06 GMT
Date: Sun, 26 Mar 2023 06:18:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15305
Expires: Sun, 26 Mar 2023 10:33:24 GMT
Date: Sun, 26 Mar 2023 06:18:19 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.229.221101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.229.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e0sBmSneezkO+CAGjmEiDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G3y8Xn000ne3/Ae0lsuQUsjpGBg=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 06:18:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 06:18:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7532
Expires: Sun, 26 Mar 2023 08:23:52 GMT
Date: Sun, 26 Mar 2023 06:18:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7532
Expires: Sun, 26 Mar 2023 08:23:52 GMT
Date: Sun, 26 Mar 2023 06:18:20 GMT
Connection: keep-alive
info.ciampinobus.com/
185.136.89.218200 OK 23 kB IP 185.136.89.218:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (49644)
Hash 7c281d7e521cf3186fff5054a217eb25
a7727aed3a01678b2e5c5b08736afeee00391876
55edd9629b07af4948f333e6eb7f5ea51112acbc97fd8f9ac28d1175e132fc37
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/html; charset=UTF-8
link: <https://info.ciampinobus.com/wp-json/>; rel="https://api.w.org/", <https://info.ciampinobus.com/wp-json/wp/v2/pages/200>; rel="alternate"; type="application/json", <https://info.ciampinobus.com/>; rel=shortlink
set-cookie: vchideactivationmsg_vc11=6.8.0
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10516a123390334c320d8773ea821dc9
2fc3d5240bebf7f3bd842cc6492529751340cd50
1c37df0c0a20975f417624558d414b2d983cb94e1ad3ba1f3925b4dfdb380cba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3448
x-amzn-requestid: 3e8be4b7-166b-4f0b-9d45-ec9d65900fd2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1soGkMIAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-7bbb03ed537b36ac30a1eb69;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: jXhFg-xyl5QYNjV6NJumkmm-IUOEqiN3_evPa2LFN4UBDuhx6OWjKg==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "2fc3d5240bebf7f3bd842cc6492529751340cd50"
content-type: image/jpeg
age: 31273
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/slick.min.js?ver=1.0
185.136.89.218200 OK 16 kB URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/slick.min.js?ver=1.0
IP 185.136.89.218:0
File type ASCII text, with very long lines (42862)
Hash b04df9ed1e1394c4a788ae6682a142a6
34f6fec0743096f9a0589a602b98cef48006d14d
934e9457473f661b5b56ffeaba2d62e16236ecc9034f4938e28631b1919ddd3e
GET /wp-content/themes/metamax/js/slick.min.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-a76f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.8.0
185.136.89.218200 OK 15 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.8.0
IP 185.136.89.218:0
File type Unicode text, UTF-8 text, with very long lines (8853)
Hash 5aaa0b9d494f8c3aebf09f2315535a43
47c229a733a58ff4afb21496b3781e0d7c1ec991
421ddb9a2cdbdbd2a28c2118f59dc1e6627d6d0e64cf53f03c554cef4ca62876
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-2415"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/fonts/flaticon/flaticon.css?ver=6.1.1
185.136.89.218200 OK 7.4 kB URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/fonts/flaticon/flaticon.css?ver=6.1.1
IP 185.136.89.218:0
Hash 4ad12b040b81a809019f788c8f90c2db
8396da47dc256411d0c82ca06392bb4cee83239d
5c8f01d4063205f6bf571749b2c77139986871abe7966672c87563fc8eea3357
GET /wp-content/themes/metamax/fonts/flaticon/flaticon.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1d72"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
185.136.89.218200 OK 15 kB URL HTTP/2 info.ciampinobus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 185.136.89.218:0
File type ASCII text, with very long lines (15660)
Hash a719b1c7502a245eecfd31601fe40463
271e78cb3699306e63484dbb4b8fab2a976910ea
7dbf6802417a5f3a42075804dc2f359602d1a49ce555caf04ab4bd2b6d22a765
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 03:39:03 GMT
etag: W/"628da4d7-48b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:21 GMT
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
age: 31259
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/logo-1_03ec011b1_450.png
185.136.89.218200 OK 62 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/logo-1_03ec011b1_450.png
IP 185.136.89.218:0
File type PNG image data, 1004 x 283, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b3f5dd5e58ded6a3295a2a15fa72420
78bd7b9f491f10016784af476a61351b4044479c
61dda81bcf0aa216bcd69babe6d99de6e88585045b2d6d0be58a4b7ebf690ea1
GET /wp-content/uploads/logo-1_03ec011b1_450.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: image/png
content-length: 62547
last-modified: Tue, 22 Sep 2020 09:04:14 GMT
etag: "5f69be0e-f453"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 06:18:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
185.136.89.218200 OK 12 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
IP 185.136.89.218:0
File type ASCII text, with very long lines (56243)
Hash 0d81c7f32295dc12e575b5b971902e68
a4417c63875988e67d7a20acd7afa5a12a679393
bf2107ecf1b4ba448a5047184fda019551541ccc81ed24221cd4e8efc0fec01d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: W/"620ccea8-dc69"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-megamenu/assets/js/cws_megamenu_front.js?ver=6.1.1
185.136.89.218200 OK 1.9 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-megamenu/assets/js/cws_megamenu_front.js?ver=6.1.1
IP 185.136.89.218:0
Hash aa8cb16f9cb7dc6edf899cb21bb9d8a1
12dc8aabbf82623a2c27bbb87816c5c1a55ca3df
752f003bee0832fdee1d351b28893d7997a473605051450444ac5378e2449398
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-megamenu/assets/js/cws_megamenu_front.js?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-162a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.227200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 33868, version 1.0\012- data
Hash a55fefd02b25a2cb141efe2d17776d60
ba132269410be55bbd81032011d5904ceb33bc64
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc
GET /s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://info.ciampinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33868
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:46 GMT
expires: Sat, 23 Mar 2024 10:26:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Mar 2023 21:37:56 GMT
content-type: font/woff2
age: 157895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 06:18:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://info.ciampinobus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:27:11 GMT
expires: Sat, 23 Mar 2024 10:27:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
age: 157870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/logo-1_00fa00460_450.png
185.136.89.218200 OK 13 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/logo-1_00fa00460_450.png
IP 185.136.89.218:0
File type PNG image data, 248 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash b92dae2891a6a5b392b79837fb1a6ef6
ad9e390c1b535ed6451d8749d3cad055f11e137e
e41b7997558606299a25ac8ab2c2d3c65fcdc5595dcf2871759aa228ad54f72d
GET /wp-content/uploads/logo-1_00fa00460_450.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: image/png
content-length: 13259
last-modified: Tue, 22 Sep 2020 09:06:45 GMT
etag: "5f69bea5-33cb"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/logo-dark-1_07d802371_451.png
185.136.89.218200 OK 90 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/logo-dark-1_07d802371_451.png
IP 185.136.89.218:0
File type PNG image data, 2008 x 567, 8-bit/color RGBA, non-interlaced\012- data
Hash 3862fad7d1b34a0f4efd82929cbf34b7
c3719879a7704132d9a5af4ff346b2edbad15b01
3d8ef98555076cb94d8da013b7f25de9e1f505cca5e05a7d574f3caa7cb9ad87
GET /wp-content/uploads/logo-dark-1_07d802371_451.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: image/png
content-length: 89629
last-modified: Tue, 22 Sep 2020 09:06:47 GMT
etag: "5f69bea7-15e1d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 06:18:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
info.ciampinobus.com/wp-content/themes/metamax/fonts/cws-iconpack/Flaticon.woff2
185.136.89.218200 OK 28 kB URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/fonts/cws-iconpack/Flaticon.woff2
IP 185.136.89.218:0
File type Web Open Font Format (Version 2), TrueType, length 28524, version 1.0\012- data
Hash 9ea7e687e990ed77db419dec2fb34df4
0e1d6ed823aeeb0b7bbbc9459ed7a2cc2ca688c0
304bc94b0a82879653e1c883b29df76e1afe331437ad9ee090b0d7627d6a185d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/fonts/cws-iconpack/Flaticon.woff2 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://info.ciampinobus.com/wp-content/themes/metamax/fonts/cws-iconpack/flaticon.css?ver=6.1.1
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:20 GMT
content-type: font/woff2
content-length: 28524
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: "5f0c97b1-6f6c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=2.1
185.136.89.218200 OK 104 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=2.1
IP 185.136.89.218:0
File type Unicode text, UTF-8 text, with very long lines (65450)
Size 104 kB (104326 bytes)
Hash b8b606ea28eda93d5da0826a76fabdaa
82a4078b01c77495d462b6f7a85a74ca32b77412
5a908409bf459f302b50187844c2da56a30a3c44506b97524d6e0dac435127aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=2.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Wed, 22 Mar 2023 16:55:35 GMT
etag: W/"641b3307-15337"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
185.136.89.218200 OK 14 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
IP 185.136.89.218:0
File type Web Open Font Format (Version 2), TrueType, length 13564, version 330.32636\012- data
Hash e7d4bfa72a1f7d352fa6605501a3e2f2
afd94b571eff9da7d85490bdb4c9874419cd260d
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:20 GMT
content-type: font/woff2
content-length: 13564
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: "620ccea8-34fc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/fonts/vc_entypo.woff
185.136.89.218200 OK 45 kB URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/fonts/vc_entypo.woff
IP 185.136.89.218:0
File type Web Open Font Format, TrueType, length 45152, version 1.0\012- data
Hash 5460a9ba11448e34f332f25e72dc16df
9729b28b6872d971935ff58f460cf3c26dcb7380
434d5a30d2359d95efc266dbe0fffcac2c1846e133d4713bebb7c337bdfb84ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/lib/vc-entypo/fonts/vc_entypo.woff HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:20 GMT
content-type: application/font-woff
content-length: 45152
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: "620ccea9-b060"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/ciampino-bus-shuttle-station.jpg
185.136.89.218200 OK 135 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/ciampino-bus-shuttle-station.jpg
IP 185.136.89.218:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x600, components 3\012- data
Size 135 kB (135079 bytes)
Hash 3d2c456eb55fae5ed1aa041b99760017
8d091fa0088535cfb6c2839b980edccd5436a9d8
93c9e5ae74d39eaae98a76e6960419e1386ed70cbe9aa336aba36fd897dc1988
GET /wp-content/uploads/ciampino-bus-shuttle-station.jpg HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:20 GMT
content-type: image/jpeg
content-length: 135079
last-modified: Mon, 13 Jul 2020 19:58:53 GMT
etag: "5f0cbcfd-20fa7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/gwpf_icon/favicon.ico
185.136.89.218200 OK 68 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/gwpf_icon/favicon.ico
IP 185.136.89.218:0
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash b5bf6a901d4a308c8bc82e4f4d2a37ba
ad0424a4913641dd9c899b295dd8e178371c70f8
f72270552591fefa13463676ba0af297bbc09599dd11c635981757de1343ccc0
GET /wp-content/uploads/gwpf_icon/favicon.ico HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0; pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:21 GMT
content-type: image/vnd.microsoft.icon
content-length: 67646
last-modified: Fri, 25 Sep 2020 09:07:09 GMT
etag: "5f6db33d-1083e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/cabecera_rya-1536x364.png
185.136.89.218200 OK 682 kB URL HTTP/2 info.ciampinobus.com/wp-content/uploads/cabecera_rya-1536x364.png
IP 185.136.89.218:0
File type PNG image data, 1536 x 364, 8-bit/color RGBA, non-interlaced\012- data
Size 682 kB (682386 bytes)
Hash 840d6777c97091954dee64d7ae18eea5
bec2b8ae7420328dd344d7ac5b661069441af739
3c3849f32f8d92519e01229445a0127aef0947b3f81f8a04e0f06d7b35468487
GET /wp-content/uploads/cabecera_rya-1536x364.png HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:20 GMT
content-type: image/png
content-length: 682386
last-modified: Mon, 13 Jul 2020 18:47:25 GMT
etag: "5f0cac3d-a6992"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/style.css?ver=6.1.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/style.css?ver=6.1.1
IP 185.136.89.218:0
GET /wp-content/themes/metamax/style.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"318-5aa55e5a08e40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
IP 185.136.89.218:0
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2019 15:09:50 GMT
etag: W/"5de67abe-4307e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Wed, 09 Dec 2020 04:55:08 GMT
etag: W/"5fd058ac-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 04:55:02 GMT
etag: W/"63746d26-172a9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/select2.css?ver=1.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/select2.css?ver=1.0
IP 185.136.89.218:0
GET /wp-content/themes/metamax/css/select2.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-44de"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 185.136.89.218:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 10:24:00 GMT
etag: W/"63721740-15e54"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.8.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-caa8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/jquery.easing.1.3.min.js?ver=1.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/jquery.easing.1.3.min.js?ver=1.0
IP 185.136.89.218:0
GET /wp-content/themes/metamax/js/jquery.easing.1.3.min.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1b37"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-essentials//assets/css/main.css?ver=6.1.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-essentials//assets/css/main.css?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-essentials//assets/css/main.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"290-5aa55e788d640"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/uploads/js_composer/custom.css?ver=6.8.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/uploads/js_composer/custom.css?ver=6.8.0
IP 185.136.89.218:0
GET /wp-content/uploads/js_composer/custom.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 16 Feb 2022 10:15:13 GMT
etag: W/"3c-5d81fecdc4e40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/lib/vc-entypo/vc_entypo.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-33a0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.css?ver=6.1.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.css?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-svgicons/cwssvgi_f.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"63-5aa55e788d640"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/fonts/font-awesome/font-awesome.css?ver=1.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/fonts/font-awesome/font-awesome.css?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/fonts/font-awesome/font-awesome.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-116e1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/ajax_plugin.js?ver=6.1.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/ajax_plugin.js?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-essentials/assets/js/ajax_plugin.js?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-ab85"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.js?ver=1.5.4
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-svgicons/cwssvgi_f.js?ver=1.5.4
IP 185.136.89.218:0
GET /wp-content/plugins/cws-svgicons/cwssvgi_f.js?ver=1.5.4 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-526"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/scripts.js?ver=1.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/scripts.js?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/js/scripts.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1b40f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/jquery.fancybox.css?ver=1.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/jquery.fancybox.css?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/css/jquery.fancybox.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-137f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Fri, 24 Mar 2023 14:24:04 GMT
etag: W/"641db284-2801"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/simple-likes-public.js?ver=0.5
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/cws-essentials/assets/js/simple-likes-public.js?ver=0.5
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cws-essentials/assets/js/simple-likes-public.js?ver=0.5 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:20:17 GMT
etag: W/"5f0c97d1-534"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:05 GMT
etag: W/"620ccea9-76891"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: W/"620ccea8-4e9c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/main.css?ver=6.1.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/main.css?ver=6.1.1
IP 185.136.89.218:0
GET /wp-content/themes/metamax/css/main.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-a56d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/build/default.css?ver=2.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Wed, 22 Mar 2023 16:55:35 GMT
etag: W/"641b3307-17c7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Fri, 24 Mar 2023 14:24:04 GMT
etag: W/"641db284-328f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-includes/css/classic-themes.min.css?ver=1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-includes/css/classic-themes.min.css?ver=1
IP 185.136.89.218:0
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 14 Nov 2022 10:24:00 GMT
etag: W/"d9-5ed6ba34dda28"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Fri, 24 Mar 2023 14:24:04 GMT
etag: W/"641db284-b2b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Tue, 03 Dec 2019 15:09:50 GMT
etag: W/"5de67abe-e1a2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/css/animate.css?ver=1.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/css/animate.css?ver=1.0
IP 185.136.89.218:0
GET /wp-content/themes/metamax/css/animate.css?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-11ced"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/fonts/cws-iconpack/flaticon.css?ver=6.1.1
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/fonts/cws-iconpack/flaticon.css?ver=6.1.1
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/fonts/cws-iconpack/flaticon.css?ver=6.1.1 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-1ceb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2019 15:09:50 GMT
etag: W/"5de67abe-24ca1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%7CRubik%3Aregular%7CNunito%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin&ver=6.1.1
172.217.21.170200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%7CRubik%3Aregular%7CNunito%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin&ver=6.1.1
IP 172.217.21.170:0
GET /css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%7CRubik%3Aregular%7CNunito%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 26 Mar 2023 06:18:20 GMT
date: Sun, 26 Mar 2023 06:18:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/themes/metamax/js/sticky_sidebar.js?ver=1.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/themes/metamax/js/sticky_sidebar.js?ver=1.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/metamax/js/sticky_sidebar.js?ver=1.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: application/javascript
last-modified: Mon, 13 Jul 2020 17:19:45 GMT
etag: W/"5f0c97b1-3a49"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0
185.136.89.218200 OK 0 B URL HTTP/2 info.ciampinobus.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0
IP 185.136.89.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0 HTTP/1.1
Host: info.ciampinobus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://info.ciampinobus.com/
Cookie: vchideactivationmsg_vc11=6.8.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 06:18:19 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:15:04 GMT
etag: W/"620ccea8-865f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2