mariovalente.it/Rechnung-Bestellung-97866
35.214.179.6301 Moved Permanently 261 B URL HTTP/1.1 mariovalente.it/Rechnung-Bestellung-97866
IP 35.214.179.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 16bbc35122dee8e8e0729c7324ef3fab
34b985c5fea23e8452a9721e44c39b1e3b4a0883
8b149c4ac66a4beb0df23693514f23af55d5d3a1bfc7da87288ac56e231be056
Analyzer Verdict Alert fortinet Malware
GET /Rechnung-Bestellung-97866 HTTP/1.1
Host: mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 21:15:58 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 261
Connection: keep-alive
Location: https://www.mariovalente.it/Rechnung-Bestellung-97866
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0301 NC:000000 UP:
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10906
Expires: Wed, 30 Nov 2022 00:17:44 GMT
Date: Tue, 29 Nov 2022 21:15:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 964
Content-Type: text/html
Date: Tue, 29 Nov 2022 21:15:58 GMT
Etag: "638650c5-37"
Last-Modified: Tue, 29 Nov 2022 18:34:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 55
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13006
Expires: Wed, 30 Nov 2022 00:52:44 GMT
Date: Tue, 29 Nov 2022 21:15:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 20:19:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3380
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8TXYb4Z3qklBBjL8XNEcDfp/FkHlWGvmSqbfiM2PgRkp6XJhcveWvafIWCbRhpqJrVvdVxhaR7o=
x-amz-request-id: MQZKZDSA2215YPQ8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 20:44:57 GMT
age: 1861
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 21:11:13 GMT
cache-control: public,max-age=3600
age: 286
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3631
Cache-Control: max-age=132680
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 21:15:59 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:07:19 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 21:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mariovalente.it/wp-includes/css/classic-themes.min.css?ver=1
35.214.179.6200 OK 617 B URL HTTP/2 www.mariovalente.it/wp-includes/css/classic-themes.min.css?ver=1
IP 35.214.179.6:0
Hash 485d693c953ad7648eee4aa0cd34bbe2
4fad1001b4f9f022b76105e73e3f5a623360a71f
fe54295439e9ad74c48fdbc2c6e33e4b4dafe833179d6a3fb1228257e38bcff7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 11:09:08 GMT
vary: Accept-Encoding
etag: W/"6363a154-d9"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.251.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x35dCY77Y7Dj7JqMxefogA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FMsOkvLiIkMVHsEWH5PJT0uXGhs=
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/js/moment.min.js?ver=21.2
35.214.179.6200 OK 150 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/js/moment.min.js?ver=21.2
IP 35.214.179.6:0
File type ASCII text, with very long lines (32010)
Size 150 kB (149549 bytes)
Hash 16a2d8362b610281f2a1b56fc102fe44
d72bec0ab0d59f5c45fa028369ceb6d0d680b9e9
fa179ea1350f3d3945765e5bc653009210b8e8764958ec9300d9ac0583305a7d
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/js/moment.min.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-8a57"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=21.2
35.214.179.6200 OK 81 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=21.2
IP 35.214.179.6:0
File type ASCII text, with very long lines (12685)
Hash 84c089dce9e0852f76abf5c67d489262
b50dad4e699fc0fb16b86592955d6f98ba3cbc12
0820769e7b6b0267315f3c86533d19155a049f9c675106fe4faca592a85213c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-31ec"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.30
35.214.179.6200 OK 263 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.30
IP 35.214.179.6:0
File type ASCII text, with very long lines (64288)
Size 263 kB (262990 bytes)
Hash 441c1d0eb67d054543ee83e5c9e6976e
940c37e42f4a2e015273db35df5bf043417eeb93
40c862dc2b676bd2ba68806c6d70cc76110e3d551c9c577275b7564bbe15f5d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.30 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:04:42 GMT
vary: Accept-Encoding
etag: W/"6315bbaa-5fa2e"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/js/customer-profile.js?ver=5.5
35.214.179.6200 OK 902 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/js/customer-profile.js?ver=5.5
IP 35.214.179.6:0
Hash 8920a4a16f25e2f4f3106e398813143c
f1d2e5d16f24ba00f60d161a45d51550c804e6d8
596e41468d95501729d502c61e72fe7245f228cf5a2e0a1fb893353f531c6c65
GET /wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/js/customer-profile.js?ver=5.5 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Sun, 16 Oct 2022 02:26:59 GMT
vary: Accept-Encoding
etag: W/"634b6bf3-533"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
35.214.179.6200 OK 63 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 35.214.179.6:0
File type ASCII text, with very long lines (45108)
Hash 34c0b8ae472925e9ea0bde95da252b28
1255494b34427439526d89cf18398b94d065b864
e76adcc4744fd3c7f56bd634a21ca04745b0beb9b85897993d69078ff0617029
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:04:42 GMT
vary: Accept-Encoding
etag: W/"6315bbaa-1f69c"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=21.2
35.214.179.6200 OK 42 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=21.2
IP 35.214.179.6:0
File type Unicode text, UTF-8 text, with very long lines (35176), with NEL line terminators
Hash 6b8aa72b0bc85bb2b2fdf6dc1953cdf4
3f132487768f6bf7601f957b62a97b33e68561e7
ab988bdad6606a239a09669fd8a3845ea843f0f728e89681cfa77a569b702172
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-23659"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=21.2
35.214.179.6200 OK 27 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=21.2
IP 35.214.179.6:0
File type ASCII text, with very long lines (8031)
Hash 750356ac76e35408596f878fa0853b62
f81fd0e2b92d89975abea68a5b0ef26cc87af02d
6daaaacfef9f0598403a722b542d4407ce604003a477e169d282a995c85c7705
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-1fee"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.5.1
35.214.179.6200 OK 7.9 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.5.1
IP 35.214.179.6:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash ad4eba169a9d563d79602e4768666e45
a9a530815d8d02e63220a12ee94c49a11f6389af
e1c3ba42370e72f27ec6a44c133b99d9494b3c92bb8accc0c725c3e5627dd4ac
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-80df"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/uploads/fbrfg/apple-touch-icon.png
35.214.179.6200 OK 14 kB URL HTTP/2 www.mariovalente.it/wp-content/uploads/fbrfg/apple-touch-icon.png
IP 35.214.179.6:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 041f62bdb0393aa39252274347000574
255e2710550408e6d6ee79a8a6d23bf95f710484
e502b8e58b583e816982865667f9281699dba4598c2fb5626e6b8b82af9718e0
GET /wp-content/uploads/fbrfg/apple-touch-icon.png HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:16:00 GMT
content-type: image/png
content-length: 14209
last-modified: Mon, 04 Oct 2021 21:02:22 GMT
etag: "615b6bde-3781"
expires: Wed, 29 Nov 2023 21:16:00 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/uploads/fbrfg/favicon-16x16.png
35.214.179.6200 OK 1.1 kB URL HTTP/2 www.mariovalente.it/wp-content/uploads/fbrfg/favicon-16x16.png
IP 35.214.179.6:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash e021281ea5766fd75c03620b1208827d
82ea46d461283a40f7f8fef4b93e198ea70e12a5
1aceccac7380896154de36aea0557eb806ea45575a798416572f2821973b449b
GET /wp-content/uploads/fbrfg/favicon-16x16.png HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:16:00 GMT
content-type: image/png
content-length: 1095
last-modified: Mon, 04 Oct 2021 21:02:22 GMT
etag: "615b6bde-447"
expires: Wed, 29 Nov 2023 21:16:00 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8470
Expires: Tue, 29 Nov 2022 23:37:10 GMT
Date: Tue, 29 Nov 2022 21:16:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8470
Expires: Tue, 29 Nov 2022 23:37:10 GMT
Date: Tue, 29 Nov 2022 21:16:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8470
Expires: Tue, 29 Nov 2022 23:37:10 GMT
Date: Tue, 29 Nov 2022 21:16:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8470
Expires: Tue, 29 Nov 2022 23:37:10 GMT
Date: Tue, 29 Nov 2022 21:16:00 GMT
Connection: keep-alive
www.mariovalente.it/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
35.214.179.6200 OK 5.5 kB URL HTTP/2 www.mariovalente.it/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP 35.214.179.6:0
File type ASCII text, with very long lines (1626)
Hash 0cb0ac8e1ffe91b3feabd1ba3ab31eaf
a284e689b374ae862c4d3985298ee59b2328583f
d3bc54c24fdf0a2f162305d1d279e2c2bbb363b8ccfae7daad09017a1ed4ace1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Sun, 09 Apr 2017 07:46:58 GMT
vary: Accept-Encoding
etag: W/"58e9e6f2-71b"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/themes/Impreza/css/style.min.css?ver=8.10
35.214.179.6200 OK 72 kB URL HTTP/2 www.mariovalente.it/wp-content/themes/Impreza/css/style.min.css?ver=8.10
IP 35.214.179.6:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1413aa6bfbf47729e6174608764ef353
c25d3ed0f95300a9f846112e642dbfba5d555a8a
3db407d58279b7ff81b46a4d85e36dc59d3e10a87b69199a11e331a9e635c6dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Impreza/css/style.min.css?ver=8.10 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 10:28:35 GMT
vary: Accept-Encoding
etag: W/"6304abd3-66e7b"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=21.2
35.214.179.6200 OK 16 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=21.2
IP 35.214.179.6:0
Hash c6efdff9d12270e2d76ba756a4cbf574
4fab585252541c7fc5dd67adfeb92d13be95b084
b4ed180b0f4365abda5ead847ed1f21b6242e3994bd8d3c5f8119a9d5178e4e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-92bb"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 83645
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 59170
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=21.2
35.214.179.6200 OK 7.4 kB URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=21.2
IP 35.214.179.6:0
File type ASCII text, with very long lines (20761), with no line terminators
Hash e629aa91e62ce7776e5b9ce22a955c0c
d2cb9480596f760e90771ea99a3f322444e45989
9ad015b6ca36301e7a6bd8eadc1dc1293ed228ca95566ef812fa67f203df8c14
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-5119"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-2604"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-3908"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-7519"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-4287"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-38f9"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-2658"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=21.2
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-66f"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-10fa"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-118c"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-23ae"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-dd"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-adb"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 35.214.179.6:0
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 23:21:37 GMT
vary: Accept-Encoding
etag: W/"63757081-172a9"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-871"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Fri, 27 May 2022 10:59:22 GMT
vary: Accept-Encoding
etag: W/"6290af0a-48b9"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/themes/Impreza/js/us.core.min.js?ver=8.10
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/themes/Impreza/js/us.core.min.js?ver=8.10
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Impreza/js/us.core.min.js?ver=8.10 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 10:28:35 GMT
vary: Accept-Encoding
etag: W/"6304abd3-2c3ba"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/wp-util.min.js?ver=6.1.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 11:09:08 GMT
vary: Accept-Encoding
etag: W/"6363a154-592"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-110e"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/bootstrap/css/bootstrap.min.css?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/bootstrap/css/bootstrap.min.css?ver=21.2
IP 35.214.179.6:0
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/bootstrap/css/bootstrap.min.css?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-43262"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-9ef"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=21.2
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-10b5"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-1a0"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=21.2
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-4d09"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-1356d"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/underscore.min.js?ver=1.13.4
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/underscore.min.js?ver=1.13.4
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 11:09:08 GMT
vary: Accept-Encoding
etag: W/"6363a154-4991"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-3a77"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-e92"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-1779"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-a14a"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=21.2
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-3db"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-afc"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-3073"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-e9f"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-faa"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-149d"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/imagesloaded.min.js?ver=4.1.4
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Tue, 02 Mar 2021 08:20:59 GMT
vary: Accept-Encoding
etag: W/"603df56b-15fd"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=21.2
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-23e0"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-c1bb"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-627b"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-f52"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-3241"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/translations/it_IT.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/translations/it_IT.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/translations/it_IT.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-3b1"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-26fd"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.30
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.30
IP 35.214.179.6:0
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.30 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 09:04:42 GMT
vary: Accept-Encoding
etag: W/"6315bbaa-e330"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-9adb"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 35.214.179.6:0
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 11:09:08 GMT
vary: Accept-Encoding
etag: W/"6363a154-459f"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-ad47"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Fri, 27 May 2022 10:59:22 GMT
vary: Accept-Encoding
etag: W/"6290af0a-194b"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Fri, 27 May 2022 10:59:22 GMT
vary: Accept-Encoding
etag: W/"6290af0a-132e"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/masonry.min.js?ver=4.2.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/masonry.min.js?ver=4.2.2
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Tue, 02 Mar 2021 08:20:59 GMT
vary: Accept-Encoding
etag: W/"603df56b-5e4a"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.5.1
IP 35.214.179.6:0
GET /wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-44b"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/uploads/ultimatemember/um_old_settings.css?ver=6.1.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/uploads/ultimatemember/um_old_settings.css?ver=6.1.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/ultimatemember/um_old_settings.css?ver=6.1.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Wed, 18 Apr 2018 12:12:47 GMT
vary: Accept-Encoding
etag: W/"5ad7363f-166a"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=21.2
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-5aac"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 11:09:08 GMT
vary: Accept-Encoding
etag: W/"6363a154-15e54"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=21.2
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=21.2
IP 35.214.179.6:0
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=21.2 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 14:00:54 GMT
vary: Accept-Encoding
etag: W/"63442596-ea9"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/Rechnung-Bestellung-97866
35.214.179.6404 Not Found 0 B URL HTTP/2 www.mariovalente.it/Rechnung-Bestellung-97866
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /Rechnung-Bestellung-97866 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.mariovalente.it/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146; path=/; HttpOnly
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_SET_COOKIE
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/css/customer-profile.css?ver=5.5
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/css/customer-profile.css?ver=5.5
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/css/customer-profile.css?ver=5.5 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Sun, 16 Oct 2022 02:26:59 GMT
vary: Accept-Encoding
etag: W/"634b6bf3-620"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-8df"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.5.1
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.5.1
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.5.1 HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 02:27:30 GMT
vary: Accept-Encoding
etag: W/"6359ec92-186e"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C400%2C700%7CLato%3A400%2C700&display=swap&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C400%2C700%7CLato%3A400%2C700&display=swap&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C400%2C700%7CLato%3A400%2C700&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 21:15:59 GMT
date: Tue, 29 Nov 2022 21:15:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mariovalente.it/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
35.214.179.6200 OK 0 B URL HTTP/2 www.mariovalente.it/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 35.214.179.6:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.mariovalente.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mariovalente.it/Rechnung-Bestellung-97866
Cookie: PHPSESSID=5c9bb7cd1c1f3d0525c9bb379c489146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:15:59 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 11:09:08 GMT
vary: Accept-Encoding
etag: W/"6363a154-27f6"
expires: Wed, 29 Nov 2023 21:15:59 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2