cataleta.com/k3vkj/498972-cosa-mi-aspetto-dalla-scuola-dell'infanzia
116.203.191.224 200 OK 30 kB URL HTTP/1.1 cataleta.com/k3vkj/498972-cosa-mi-aspetto-dalla-scuola-dell'infanzia
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12425), with CR, LF line terminators
Hash 6fa2884b3d81cd35c5c0fb3bf17a6853
52d604b9aee11078b30b27fe07fb4d41aba5b997
e0853b2318026cbc7f21b157bfdc61463342d843d534711eadac4bccbf1bff94
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /k3vkj/498972-cosa-mi-aspetto-dalla-scuola-dell'infanzia HTTP/1.1
Host: cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 03:12:10 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 29675
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1965860f5630f7dda817a236cb72ea24
beec8147d48911a007287014564ce544d296a5fd
00b4aafe530f6ceb3d6d4de42fffdaee0cb4e0a60834c85b1d21e42e5db2ef91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00B4AAFE530F6CEB3D6D4DE42FFFDAEE0CB4E0A60834C85B1D21E42E5DB2EF91"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11129
Expires: Tue, 04 Apr 2023 06:17:40 GMT
Date: Tue, 04 Apr 2023 03:12:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c17f530e6db706fa5f9eb36a6cca4a4
446b60a425aae47b0adf5abd7e18e9f90f52c0bc
ccf1a90e945a18fb951654d29f128acdb3916d4dca315b0fad44ae8cc95be48e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCF1A90E945A18FB951654D29F128ACDB3916D4DCA315B0FAD44AE8CC95BE48E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14791
Expires: Tue, 04 Apr 2023 07:18:42 GMT
Date: Tue, 04 Apr 2023 03:12:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 02:28:43 GMT
content-type: application/json
age: 2608
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14721
Expires: Tue, 04 Apr 2023 07:17:32 GMT
Date: Tue, 04 Apr 2023 03:12:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kqHH5pqeoHEjQNhlasbvhQcAap7ktkZtAwJ+nNtsrOA7dAqeOvnid/cNQYackuv8x6aj9Mv2SsZVnS+PLOYuaQ==
x-amz-request-id: 1N4CYAVB58PJYMKY
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 02:52:59 GMT
age: 1152
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 03:12:11 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
142.250.74.106 200 OK 986 B URL HTTP/1.1 fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
IP 142.250.74.106:0
Hash bc8b61c501bd4460492b9bd962f6eba8
4471aef36d8fdafae822d40c1daf5cae669343be
4e5b998ab4121e32e65f6ccd9e9e54720c6d3f6476e7094111418ef9150b951e
GET /css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cataleta.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 04 Apr 2023 03:12:11 GMT
Date: Tue, 04 Apr 2023 03:12:11 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 30735a8260b9c875d42add2d33a9a6c0
ea1076f012420c6d3ae054f07a6948352c96a598
995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 03:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 30735a8260b9c875d42add2d33a9a6c0
ea1076f012420c6d3ae054f07a6948352c96a598
995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 03:12:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0237e30273f51fb39e4e8d96814dfa9
77e1e6e6c8ad59f1c2851926c5d5c6a2b6a7dd8d
bddd9407b8e505566ad90a26fc8b384eeb631affd70aade4f61ca4a43eb12764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD9407B8E505566AD90A26FC8B384EEB631AFFD70AADE4F61CA4A43EB12764"
Last-Modified: Sun, 02 Apr 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Apr 2023 09:12:12 GMT
Date: Tue, 04 Apr 2023 03:12:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ba53b00508f28d309241bfe84306a8b
bb674d2206463c97eaaa9b70681187c056616fb2
8d8b59997bee89368fe48a9d734862b94306f5b3a0fc7b84adf8f5febe325a8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D8B59997BEE89368FE48A9D734862B94306F5B3A0FC7B84ADF8F5FEBE325A8F"
Last-Modified: Sat, 01 Apr 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Tue, 04 Apr 2023 09:12:01 GMT
Date: Tue, 04 Apr 2023 03:12:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0237e30273f51fb39e4e8d96814dfa9
77e1e6e6c8ad59f1c2851926c5d5c6a2b6a7dd8d
bddd9407b8e505566ad90a26fc8b384eeb631affd70aade4f61ca4a43eb12764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD9407B8E505566AD90A26FC8B384EEB631AFFD70AADE4F61CA4A43EB12764"
Last-Modified: Sun, 02 Apr 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Tue, 04 Apr 2023 09:11:57 GMT
Date: Tue, 04 Apr 2023 03:12:12 GMT
Connection: keep-alive
saskmade.net/foot.js?ver=1.0.0
188.114.97.1 404 Not Found 7.8 kB URL HTTP/2 saskmade.net/foot.js?ver=1.0.0
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 3753d44960ee76e3d05db3a6fce5e2f4
6d869d3deb2df8631c802ce9553ccf06ba8a675c
fc56fdf7045fbafb089d4442d5400e71c3f5a14f16278f7666a9f6057ffa4b54
Analyzer Verdict Alert quad9 Sinkholed
GET /foot.js?ver=1.0.0 HTTP/1.1
Host: saskmade.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 04 Apr 2023 03:12:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://saskmade.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Locz08UQuHKmag6ps7Hu19lmMioVctui%2FjjnoG%2FrKtcffGFrh8XqWYph1A%2FtvcV73SdBJn7Gu3GQ7umuovoDg8PyAl435wtBjqyHLnwjEpXkaEuUVkJODGWT8tsFJbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b265e486df2b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0237e30273f51fb39e4e8d96814dfa9
77e1e6e6c8ad59f1c2851926c5d5c6a2b6a7dd8d
bddd9407b8e505566ad90a26fc8b384eeb631affd70aade4f61ca4a43eb12764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD9407B8E505566AD90A26FC8B384EEB631AFFD70AADE4F61CA4A43EB12764"
Last-Modified: Sun, 02 Apr 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Tue, 04 Apr 2023 09:11:14 GMT
Date: Tue, 04 Apr 2023 03:12:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 02:14:44 GMT
age: 3448
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 30735a8260b9c875d42add2d33a9a6c0
ea1076f012420c6d3ae054f07a6948352c96a598
995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 03:12:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ba53b00508f28d309241bfe84306a8b
bb674d2206463c97eaaa9b70681187c056616fb2
8d8b59997bee89368fe48a9d734862b94306f5b3a0fc7b84adf8f5febe325a8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D8B59997BEE89368FE48A9D734862B94306F5B3A0FC7B84ADF8F5FEBE325A8F"
Last-Modified: Sat, 01 Apr 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Tue, 04 Apr 2023 09:11:27 GMT
Date: Tue, 04 Apr 2023 03:12:12 GMT
Connection: keep-alive
www.cataleta.com/wp-content/themes/worldwides/css/megnor/custom.css?ver=4.9.16
116.203.191.224 200 OK 737 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/megnor/custom.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash a7cc6d085a1c3e9406bc183fbe10f1ad
9efef5a5d326501e7a76c9065bafbb2c9159951f
3f233ccf5cea5b96d41476128176cd82228e5842f0060aff91b1e5fe387f5f59
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/css/megnor/custom.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "8a0-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 737
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce-accepted-payment-methods/assets/css/style.css?ver=4.9.16
116.203.191.224 200 OK 646 B URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce-accepted-payment-methods/assets/css/style.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash fd332ac73a55ee01966315c1438db900
5204c7edbb0ad1d254249d704e15b547d0fa5940
bc6d41eab5a6112e8c4de9aa358c0276e605521062be4ce49949b7a8d8da9c4f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce-accepted-payment-methods/assets/css/style.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:24 GMT
etag: "d0a-57b1727b21600-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 646
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.9.16
116.203.191.224 200 OK 1.2 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash c2e0c87f92e991c29b3f937ddb48e830
87685eda565206cf0b68a50c4e4ebb5270983043
675a0d451fded139e2c7a064d222b5139798eac47b3d8a7509715709d9d5c60a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:35 GMT
etag: "ee4-57b172859eec0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1230
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4
116.203.191.224 200 OK 9.6 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 3c7f295d5d0c4ae7fc2a952a15e52955
bffc889b83980ff7072302b6a9a259995a71869e
69abe3628e56319b88059ce432fcc943a086d3b203aa396534ec46ca527f43dc
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:42:30 GMT
etag: "9b4b-57b1720e69580-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9552
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
116.203.191.224 200 OK 671 B URL HTTP/2 www.cataleta.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash 63dc88a9eaede6fccb60583f4a6e94df
45ba9e7d20aee8b8379dc57add7598b733f33dbb
6b89fca44b725e09dbb37f64eceea968703689f34bf2bc0183dab84699b2a395
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:15 GMT
etag: "6cf-57b172728c1c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 671
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-quick-view/assets/css/yith-quick-view.css?ver=4.9.16
116.203.191.224 200 OK 874 B URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-quick-view/assets/css/yith-quick-view.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash bb46f0c75919db73e12354e4ff8eed13
bb2cb2ce07023dd405079ec173d71c93cbd239ab
924c45508ae777dc18debe973d926b95bada4709d1c3c879537b1a764830cdeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-quick-view/assets/css/yith-quick-view.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:31 GMT
etag: "d80-57b17281ce5c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 874
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/css/megnor/animate.min.css?ver=4.9.16
116.203.191.224 200 OK 5.2 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/megnor/animate.min.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 96a711f6985a3b4222c67233424488f7
3baf94181f637fe23e4b063de5b32b7d68691497
4d822a5e78faca09e5444ea839a07c2a967d13e59051dd3ba728f470b1441269
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/css/megnor/animate.min.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "1400f-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5245
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/css/megnor/woocommerce.css?ver=4.9.16
116.203.191.224 200 OK 16 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/megnor/woocommerce.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with very long lines (583), with CRLF line terminators
Hash b94a1e8cdc00d412094ca200aa0c3576
a92020f3eac6377fd70f304482008f82b2efa698
26bec1641d2f091d78c1734526eba9250248efa2d0f1ab7c62bc65bd420da807
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/css/megnor/woocommerce.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "1afad-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 16399
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.5.1
116.203.191.224 200 OK 1.9 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9152), with no line terminators
Hash 23f9556c7654e2e5a83b2b436b102642
a1fe7b8fee22a0aabc9c015dabad637ec22ad1c6
873a70b9f1f9c101e7e399e8eddf1f92b67ccce457a94b9fac356c6a84b76bc5
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "23c0-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1921
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/wordwides_antique/style.css?ver=1.0
116.203.191.224 200 OK 1.7 kB URL HTTP/2 www.cataleta.com/wp-content/themes/wordwides_antique/style.css?ver=1.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 9646182bb48a391e92119c996ca66b65
7fe605e242233974eeca6b878464cacbf0b3465d
e6a808c5ee1106257ce5ca502eaae5e8d8782e5d6d2516aab740420cbba0066b
GET /wp-content/themes/wordwides_antique/style.css?ver=1.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "11aa-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1677
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/fonts/css/font-awesome.css?ver=4.7.0
116.203.191.224 200 OK 7.4 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/fonts/css/font-awesome.css?ver=4.7.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash a3da2d958751f0b1fe34226e55ccc6e2
fe26fe97513deecf856918d339d8140e0e33d44e
a3c413b67d819ffd1df4c0c360bc34fb6fb2f4234c58a0358d0e0fb6edbd0bb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/fonts/css/font-awesome.css?ver=4.7.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "9220-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7438
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.css?ver=3.5.1
116.203.191.224 200 OK 3.0 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.css?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash f5ec68753f6d934a2a629e33cd1e825d
89b04f75a0dfeacf218c940f1329b265313ad8bd
06c4518dba077befeb92e26148852f89856e7f7a5a082dedc7fe4aa2063d1e7d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.css?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "2d45-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2970
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/style.css?ver=4.9.16
116.203.191.224 200 OK 32 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/style.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (433), with CRLF line terminators
Hash 969c43180523f1f5e11d80736bc5031b
ce28b247cbf80ac50e057d42bd8b599d0cb1870b
d572d43ef23f809ae9ae7e2e463c69c8b3aaa539ba589efea7e8280335f0edec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/style.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "27158-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 31946
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/wordwides_antique/responsive.css?ver=4.9.16
116.203.191.224 200 OK 699 B URL HTTP/2 www.cataleta.com/wp-content/themes/wordwides_antique/responsive.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash a942d652d2078949c239b10a1ad27cd1
f16ddfe40932d655bc8b60e1605cbfe471a2d17b
eae01e88c5e2a297449ea365f01c045a3c7e6b624d404369460ac89a0a47209f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/wordwides_antique/responsive.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "848-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 699
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/css/megnor/shadowbox.css?ver=4.9.16
116.203.191.224 200 OK 741 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/megnor/shadowbox.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 7b9ea46f33ced06152b3fbc555fb35a8
63e329ac852bb00a525f256672915a7e28e2805d
14fd3af4c6fe10b5a5f200b947f675ea7b7e4b5439e22dd1f47f705853d6abc3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/css/megnor/shadowbox.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "8a5-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 741
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/css/isotop-port.css?ver=4.9.16
116.203.191.224 200 OK 3.1 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/isotop-port.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 996912be4e7bcbf969dc8ec513aba666
911140a10008803e896ddb0e04c84a683e086189
9873accda69fc9156fdf71637ab59ce63834708d3ced04ecaae36726996d4eb5
GET /wp-content/themes/worldwides/css/isotop-port.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "36c7-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3133
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.228.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EfQTPRPwAg/EXgiUUwMM3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dWL41k9/zCkKgrPO/2g0eveKWWk=
www.cataleta.com/wp-content/themes/worldwides/css/megnor/shortcode_style.css?ver=4.9.16
116.203.191.224 200 OK 11 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/megnor/shortcode_style.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash b426f66942a104650a53906e6c681ed8
ed106076d07a17a431da0699254bc8b41d939184
69ca6289794b37d164213d3753efa66ca4ca50420ef29e26b33c80f886fcdb6f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/css/megnor/shortcode_style.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "f700-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11255
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/newsletter/style.css?ver=5.7.8
116.203.191.224 200 OK 1.2 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/newsletter/style.css?ver=5.7.8
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash 06bbe27407f47798fc36f9546b2c358a
cdc82d67475f208102e600b3de76c578a074418f
4a65be372cab519df134d84afd06519b20e4dad6c3fa043c56dfa1cbfecfca0f
GET /wp-content/plugins/newsletter/style.css?ver=5.7.8 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:18 GMT
etag: "18c8-57b1727568880-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1192
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.5.1
116.203.191.224 200 OK 952 B URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (2652), with no line terminators
Hash a7c29c2e7db73ed05256ef7d35047a43
5447c1ba9868d9be9fc5481b4317a74081bc0d8d
0107983caf8f1d51f78b44bad1fad71640946b32b33242afcc22ee7828fab863
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "a5c-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 952
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/css/megnor/owl.transitions.css?ver=4.9.16
116.203.191.224 200 OK 694 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/megnor/owl.transitions.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash 362e4dd89f3c395772f34d1da91ec825
27bd3517a54cfaddcbc2e95efd7b352ce33053e9
eb2e7e8bf64be66d46606d962377640542f464c66945ec46790b91db68bdb06b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/css/megnor/owl.transitions.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "117c-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 694
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.css?ver=3.5.1
116.203.191.224 200 OK 1.6 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.css?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash 23b91df4dfc4b09abe4af173fffffe3f
95a551d97f87fcdb990309fe171cb69d35e14c52
3ce4a6619aafb32a313fb479870f23ddc6bd6b02947a15b4d4aaec121589ac4b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.css?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "1384-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1569
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/css/megnor/owl.carousel.css?ver=4.9.16
116.203.191.224 200 OK 1.4 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/css/megnor/owl.carousel.css?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash a23ff336d8c9bd91cb564793036af87f
d13da44a2ad43b06d6912e9722bb1e4ab3630401
04266730014a0fe37708079c7fa9d350836ae903ec89f053ec4e0a646842ff3a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/css/megnor/owl.carousel.css?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "11c5-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1387
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
116.203.191.224 200 OK 3.5 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9172)
Hash c5ed233484e496839d8a5c379017e476
2c281f9e4e88b9f64f97c20ddcb1003064705bca
7e7f8ed6d44a1fc906799b6c41f26575b45176b5abb8ff093bb8fe0babd7c078
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "255e-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3533
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
116.203.191.224 200 OK 4.0 kB URL HTTP/2 www.cataleta.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2016 06:11:28 GMT
etag: "2748-5333ff613c400-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4014
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/owl.carousel.min.js?ver=4.9.16
116.203.191.224 200 OK 6.5 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/owl.carousel.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (635), with CRLF line terminators
Hash bca8efec71e36e262f5ae6ee79ee5a28
e5facc746dd93358616399dee2036991e9d94a1c
3b64c9ec97696556f123506f92b7963da8bc1a9e1a485ebc62a13c57dc6a5893
GET /wp-content/themes/worldwides/js/megnor/owl.carousel.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "5d80-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6492
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
116.203.191.224 200 OK 34 kB URL HTTP/2 www.cataleta.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31997)
Hash 6b2ceda6218e6810713286b29db017fb
71175271d84c90ca5f05ecc04d7f7a1052873380
de7a4d9a1cb75f0d1a4bf1a71907a44b85b9356da5c4f9e7f6729b8e69a38974
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Sep 2019 07:03:02 GMT
etag: "17a6a-591c8e9969580-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33776
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.easypiechart.min.js?ver=4.9.16
116.203.191.224 200 OK 2.1 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.easypiechart.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3695), with CRLF line terminators
Hash 21433ccfef13c8201c61c1526135fa69
1339982c11482d6ba8da42076d487ff47abf9780
3219aba98861ccc52ca4f449fd0e570b09683bdb139524e50e9d995086fec6b2
GET /wp-content/themes/worldwides/js/megnor/jquery.easypiechart.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "1421-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2145
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.jqtransform.script.js?ver=4.9.16
116.203.191.224 200 OK 613 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.jqtransform.script.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1256), with CRLF line terminators
Hash 47015d43b325e768c64284f73940678b
9f02f479992021b9e77d7fac51b23e40f0724d29
00f84e5528b31aca38731290f4ca2094649606fa048b105a40ad31d380df05ed
GET /wp-content/themes/worldwides/js/megnor/jquery.jqtransform.script.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "52a-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 613
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.jqtransform.js?ver=4.9.16
116.203.191.224 200 OK 4.1 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.jqtransform.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1229), with CRLF line terminators
Hash bb6963060a0515325f726681989cb96b
2a0d127d4445ed924f5152e04d82671ebb112a04
0bbb06c4152ce5dd1bb621373a4f27cbf14e27259d239c1b0eda61af76a2916d
GET /wp-content/themes/worldwides/js/megnor/jquery.jqtransform.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "37c7-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4138
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/megnor.min.js?ver=4.9.16
116.203.191.224 200 OK 2.2 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/megnor.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 09a982f71f7785faeebdeea1a6843b65
09b3c942b571570ed7e1325bc066bcda9cbb9e4e
6d2ced3e712dd23d2f914eb04e476ed70915379240a735dd9e3bc4c9d27a188f
GET /wp-content/themes/worldwides/js/megnor/megnor.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "259c-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2210
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/countUp.js?ver=4.9.16
116.203.191.224 200 OK 2.0 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/countUp.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash afada8dac3137800365a5ef6039162f4
3019cea9936c02cf76c7796234f3845f5446926f
13ec3020644e43ddf9f82f3ae44b01b429a6b42a64f229bd176e3c259317fe49
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/js/megnor/countUp.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "1b21-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2014
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/shadowbox.js?ver=4.9.16
116.203.191.224 200 OK 20 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/shadowbox.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (28582), with CRLF, CR line terminators
Hash a024fabc2c8176f4d0652d7fde80e764
381bb7f042a96050763dfabb68a28a2a85031380
6a5c6462a8ef26270ccb1d99461a6b8632f5465aa16efd78451eee5a86bf8897
GET /wp-content/themes/worldwides/js/megnor/shadowbox.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "107a5-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19933
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/megnorloadmore.js?ver=4.9.16
116.203.191.224 200 OK 584 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/megnorloadmore.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash a4a04ddecab6f3c151b0b2e4db66203b
7c1e91cb599b939a9beebc72fd5fb2e2d6e31972
cf364e520a93392b2874e42881663ffe91d5d7ed11440a591e7ea7cfec6e68b1
GET /wp-content/themes/worldwides/js/megnor/megnorloadmore.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "8da-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 584
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
116.203.191.224 200 OK 981 B URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1680)
Hash 2238631cf6be3be50e2ab84374f6381d
f1525686e4d6b7d39727aaf30db49ac9b2bc3fa8
8e46659318c5590dc20944c2d2464b93a06a89e0a4f7353112da4cf06bc213e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "736-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 981
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.5.1
116.203.191.224 200 OK 924 B URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2568), with no line terminators
Hash 555b56286f56c3905c9a14f1b85ab351
b0c6bd020ac99a78c0d6021a2e545a0b6c54e158
eb46cf16fdee6b9e1e479e949803dccd534d6c28268d4658195558267f7884ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "a08-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 924
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-quick-view/assets/js/frontend.min.js?ver=1.3.5
116.203.191.224 200 OK 1.1 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-quick-view/assets/js/frontend.min.js?ver=1.3.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2306)
Hash 9693fb3b9363f0e1fccfada6eb56ece3
8ff1f68c7601bcb3b920a93ac5d8efbed3194a9e
7f0a186cfc3f75ea2ceb54c5b426af2a5dda707a9e2d89ff7cc6743df3909729
GET /wp-content/plugins/yith-woocommerce-quick-view/assets/js/frontend.min.js?ver=1.3.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:31 GMT
etag: "979-57b17281ce5c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1129
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.5
116.203.191.224 200 OK 2.7 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash 56aa6d96935119b315c01dcdc85a8745
ddb20f6938ca8ec7791ee0e975919247b540106d
7f30ea135834d9e1375581600b9bfe82dda7d1e3028709ab7e5e0feec2d31317
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:33 GMT
etag: "3747-57b17283b6a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2743
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/navigation.js?ver=1.0
116.203.191.224 200 OK 406 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/navigation.js?ver=1.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 86725f8398e981fb43d13abd1ebd9685
97a6e7755234f7ac0281875057a94fcd9a6773e3
c340fe632a7f4f15e031feb71f333496e5b2fe78bf0173b98e042b80e5d4d610
GET /wp-content/themes/worldwides/js/navigation.js?ver=1.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "37f-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 406
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/newsletter/subscription/validate.js?ver=5.7.8
116.203.191.224 200 OK 374 B URL HTTP/2 www.cataleta.com/wp-content/plugins/newsletter/subscription/validate.js?ver=5.7.8
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash 6cb6dfce35465e6c0296aec28003bc49
9910c85cd65eee965ac4f673309bf01689d92d5e
a35824fd55cab76bf80dd58daa699665e0719bd2913012af360d75bb4055d081
GET /wp-content/plugins/newsletter/subscription/validate.js?ver=5.7.8 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:18 GMT
etag: "441-57b1727568880-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 374
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/doubletaptogo.js?ver=4.9.16
116.203.191.224 200 OK 502 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/doubletaptogo.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 05f0228e4ea8f6eaf2d8e71e8fe67b8f
01fe718aa1b01d22509462ad6cdb85ad19d2e7b6
9e0344357730b74ffef74a1b83dad3906da8e89bd78235189ce64d2be6f27d30
GET /wp-content/themes/worldwides/js/megnor/doubletaptogo.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "3ca-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 502
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/easyResponsiveTabs.js?ver=4.9.16
116.203.191.224 200 OK 1.9 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/easyResponsiveTabs.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash e66225269eeefabc9bc54a14d6fdf7b5
1e9f50f81ce2f3bced21e099aabce4cf16337c6f
565d7ba4600fc6701c47a52731d0093e2dd5837520775de2b21e9864dc578021
GET /wp-content/themes/worldwides/js/megnor/easyResponsiveTabs.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "2212-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1939
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/functions.js?ver=2014-02-01
116.203.191.224 200 OK 1.3 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/functions.js?ver=2014-02-01
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 40e28ed2a97146706262bc183c496b58
7f0adfd156ca049666280b444a6ff4de38e20ebf
220d308928caee3da3be2a9e0ed1facb3ed39e5afc2b4709024c607a58a67670
GET /wp-content/themes/worldwides/js/functions.js?ver=2014-02-01 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "bbf-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1309
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/respond.min.js?ver=4.9.16
116.203.191.224 200 OK 2.1 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/respond.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (3180), with CRLF line terminators
Hash 6092c0e53fb8cf8aff0d69f99bc03ba1
73b3f92666abb99ac23148de41c700961a967e83
9b020371c805a33d740d8944ade6d9f5ca66f9c0440d5d6a748db9976810c7c8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/js/megnor/respond.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "fd5-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2063
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.treeview.js?ver=4.9.16
116.203.191.224 200 OK 2.9 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.treeview.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (1229), with CRLF line terminators
Hash d5f30802ca98ca24a07e00627e74a6f8
cf45a95ade730c89efa62c1200c8b15eabcf9a9b
086fe6f2ce281a77daf418e7a3d2284fa876c2b1cfa7ad35bae3d77be046a2db
GET /wp-content/themes/worldwides/js/megnor/jquery.treeview.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "2464-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2923
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.megamenu.js?ver=4.9.16
116.203.191.224 200 OK 2.7 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.megamenu.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4298), with CRLF, CR line terminators
Hash 7ee442fc15a032718f824447d76650ea
94eba2bab7444c79824590729fab2a0b79f73e5a
0f4591dba007178402686696c067a185088fb4865fe9f8e85dfb50fbc3c1095c
GET /wp-content/themes/worldwides/js/megnor/jquery.megamenu.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "1d13-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2650
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-includes/js/wp-util.min.js?ver=4.9.16
116.203.191.224 200 OK 563 B URL HTTP/2 www.cataleta.com/wp-includes/js/wp-util.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1042), with no line terminators
Hash f0e45443d3b88766b9df4187bf9a1c51
66b78fc82ff127c78c5565d6ea557c8c58fef3de
44cfadc6574891ab7a9b2aadfc6f6fcb33b7f565854644652db2545137f2f0b2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 08:05:30 GMT
etag: "412-5bffe53ad0680-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 563
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.5
116.203.191.224 200 OK 2.6 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7808)
Hash ce37923565b26522f8e8cbd5070f03a1
139bdb311e96f326a2a7040e012a32bfa5331251
2c3ab394646b898c62e876a367ca8ac8dd9a81ff46559d3e4765487b7125b0d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:10 GMT
etag: "1f6c-57b1726dc7680-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2615
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.5.1
116.203.191.224 200 OK 591 B URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1402), with no line terminators
Hash 4380e7ab9aa888e12cb1a391b71638ae
718403244f48059dff634871c056679d6e2fc3e4
a2ceba8511849f4dbaaa2e9b84e6e163e77bc8916c817441fd90d62fba616e5c
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "57a-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 591
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.formalize.min.js?ver=4.9.16
116.203.191.224 200 OK 1.3 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.formalize.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type exported SGML document, ASCII text, with very long lines (3368), with no line terminators
Hash b01ec1a1e4de910d0fe27527c1e46f11
b3d4e76216d8520892428731fc027205afbec92b
07f8257bc13cc3cbb10b789bed4c73ed0cb57a5a219a1feb5d982e80b56ea2e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/js/megnor/jquery.formalize.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "d28-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1299
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.5
116.203.191.224 200 OK 2.7 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (577)
Hash c0d22150aca356e0397b1df08f041762
5b6925396a9c737dab0fee4febc6ab36c388dc7f
24b6a14ccf1b5e7472fc79bbc9254eadf2dad5c7c6b2886ffd2e7864a432fb76
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:33 GMT
etag: "2795-57b17283b6a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2729
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.validate.js?ver=4.9.16
116.203.191.224 200 OK 10 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.validate.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (1239), with CRLF, CR line terminators
Hash c1e6fe23302e701f31448607628eb03f
ee9724a23859d8bcbf6ebeecb71471ff518e2aed
31f35b5ecd93361e6566c6c12da756331ce04cfb10d603a5440f2dfcd6f10359
GET /wp-content/themes/worldwides/js/megnor/jquery.validate.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "a444-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10515
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
116.203.191.224 200 OK 7.1 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:33 GMT
etag: "7918-57b17283b6a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7053
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/carousel.min.js?ver=4.9.16
116.203.191.224 200 OK 5.2 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/carousel.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17924), with CRLF, CR line terminators
Hash 35cfd1006c37b9545064f3a673887386
ebf29708fb46f55be0068b1ad4019a81b5b4d244
1521bd14af9470b9b608425d9e3ff297bd54f11c94da4ea2e1371a758097e96b
GET /wp-content/themes/worldwides/js/megnor/carousel.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "478c-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5159
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4
116.203.191.224 200 OK 38 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash b3f6ae7f52e3ddf070f5feabadc734bf
dac54ab898bdcf072dbdbbde6f9510a297fe0a77
cdefb165539978a80a9f42c532f89ca421cf95ee58a1ac1a60704b7985b8301e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:42:30 GMT
etag: "1afe3-57b1720e69580-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 38335
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
116.203.191.224 200 OK 1.0 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash 7f046eb8ca1a67b89dd74a47d03ffccf
66e28ae939b80ec7fd96c4b74b0c6777f14dc3a0
05a64429ad07959bd15ae2c23c63c32d318fdf3ebcbb0704a81f4c4364a18860
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:33 GMT
etag: "df4-57b17283b6a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1027
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-includes/js/wp-embed.min.js?ver=4.9.16
116.203.191.224 200 OK 739 B URL HTTP/2 www.cataleta.com/wp-includes/js/wp-embed.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
GET /wp-includes/js/wp-embed.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 08:05:30 GMT
etag: "56f-5bffe53ad0680-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 739
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
116.203.191.224 200 OK 1.2 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2550)
Hash 55c40b1da51c9f88b684a66c0b0b380e
194c90b6240f0430c5786787c0cf532f987a1ddd
71494f2339302138d11cc5b6bc73ea7d74c6ec4632a33858e16d516552ce2707
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "a38-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1176
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1
116.203.191.224 200 OK 3.7 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (9742)
Hash db81723e9aed5287be8b9365b5c1fdbb
2d86d16962554aaebcc9f10ce5b176bda08b53be
06d37731bc42c42d543936161b68ce576f9e1ca048ca5579dc0c5cfa8c606144
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "267d-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3730
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
116.203.191.224 200 OK 5.9 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (21592), with no line terminators
Hash e7ea1633b959bbaaae6977cc8576e0fd
9647a1164a2ea96dc87c396decea74be81276530
2b552dac8d5fb1334c0ab4061deb1d7e4b841dad3a7eec49fe832dfbf84629e5
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "5458-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5851
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/wordwides_antique/js/megnor/custom.js?ver=4.9.16
116.203.191.224 200 OK 5.9 kB URL HTTP/2 www.cataleta.com/wp-content/themes/wordwides_antique/js/megnor/custom.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (460), with CRLF line terminators
Hash 5212434a184726af771fe65af9f80d58
46b255ab4dcb554eb1a900db89905d888b2aaffc
9faf42921b0adac42a367a05566183ede2cbf702010c38d24df032885f11b177
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/wordwides_antique/js/megnor/custom.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "76f9-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5905
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.4.5
116.203.191.224 200 OK 9.7 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.4.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32003)
Hash d8dda1d20edde0f505b16493b286b5d0
1aa75ab17728d5c3127995cdc37f2ca57109c128
45bd654406e644a521b99759a22315ff5becc4618e498d6eea3e8a0136f6e40f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.4.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:10 GMT
etag: "8b28-57b1726dc7680-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9714
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.bxslider.js?ver=4.9.16
116.203.191.224 200 OK 12 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.bxslider.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1230), with CRLF line terminators
Hash 05a734b31e4a58ac8912238b7ce9e7df
185607d5b0f96f59c6d6a71a771452d2f92104b8
4c7df6a3bf164af46a2704c78aa7b903972b6671bc87279c31c734a76633a86b
GET /wp-content/themes/worldwides/js/megnor/jquery.bxslider.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "cf72-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12534
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.custom.min.js?ver=4.9.16
116.203.191.224 200 OK 1.4 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.custom.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3221), with no line terminators
Hash e9d4cd2d7bbb877251f7991cee024cf1
08e66ca66bbb56b2e7a5839f807425d4e68fb4d9
646a86a4585cd75667090975ce57971e8ec89214704868b578ab7b5cd3f58048
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/js/megnor/jquery.custom.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "c95-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1351
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.5
116.203.191.224 200 OK 351 B URL HTTP/2 www.cataleta.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash caa6ca5d23d1adf35e63b219631fff8e
786acb0cf5a9033939c4c4b8f5c4109e2e15401f
50973c0a98e9463c4417b2ccd9424a5f89a9924b80878548f19422b25d23d901
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:10 GMT
etag: "37f-57b1726dc7680-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 351
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.5
116.203.191.224 200 OK 1.3 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4528), with no line terminators
Hash 1120cd5b0edd556b7f9e55ddb7590130
ab56b011fd9fdd5c7d34d3bd8b91f9935d9f5e17
debc926596bb3db188ba7bf42b6376c63df9eecd6825ff949d0d4b26310d8ddd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:35 GMT
etag: "11b0-57b172859eec0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1322
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.countdown.min.js?ver=4.9.16
116.203.191.224 200 OK 2.9 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.countdown.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4136)
Hash 6268113e66f1f120cb7f3411497fe22c
838928a659ae4b6d013b23c91130b2982a6313af
d5e3bf5e38a0f4501fa4cd73432af84a0a69d86cabe64035bcc7ba71b7a573fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/js/megnor/jquery.countdown.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "19a6-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2867
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
116.203.191.224 200 OK 4.0 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash cc76150566e288ba52c395d105fc43e1
512f5dd7dd49dc388f095dcde797f442b66b98d1
ab81562eb44e8846c82a44f1157ad551e3c6cd33a4b7e55c32be48a00d0a5565
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:15 GMT
etag: "3976-57b172728c1c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4047
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-includes/js/underscore.min.js?ver=1.8.3
116.203.191.224 200 OK 5.8 kB URL HTTP/2 www.cataleta.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (16194)
Hash 0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Feb 2016 15:22:26 GMT
etag: "401a-52bf8d13ef080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5822
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c5855af789369a9b0da3ae3d0ff5b7f0
393f65405b0231d85849bb2de71f53e4a935e14b
216bda1ec06919da765b408640b1841f048a3ac507a3c25786f0ec8b938837fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 03:12:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cataleta.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.16
116.203.191.224 200 OK 4.3 kB URL HTTP/2 www.cataleta.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9063)
Hash bc89387b6a6f886f99511cca233b5071
77c1103c6d84263a73bff007bd635750d5b26296
baf8e3410e57e5650ad72f25eb93d82ea36ac8bd51904948e3d2f2a05faa3e78
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 08:05:30 GMT
etag: "2ea7-5bffe53ad0680-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4347
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
116.203.191.224 200 OK 4.0 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15658)
Hash 6ea9b5bb25153f388b207e7ace2fd8f3
996696f49fa1da27c5bdaa9ad137dbb07ee48463
41d7aef81db85a75a0a668f3f8235ce54665afc804dfe36c7f2fddc6e43fd224
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:33 GMT
etag: "3d78-57b17283b6a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4006
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/responsive.css
116.203.191.224 200 OK 5.8 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/responsive.css
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (528), with CRLF line terminators
Hash 2e4a6b024196a9bdca856dc83235be7c
4e3598632d40bd9c78c6cc818cf83f8c5172dfa9
4d8fc930f6d659a4233cb9708034967f2382eda299f65c299c13c3f8f621aa9e
GET /wp-content/themes/worldwides/responsive.css HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cataleta.com/wp-content/themes/wordwides_antique/responsive.css?ver=4.9.16
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "6dbd-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5826
content-type: text/css
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=3.5.1
116.203.191.224 200 OK 1.8 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (5976), with no line terminators
Hash cb3de99e8ed3e1552f3ca02f71180e3e
7aa6c945db5d2295e375bab19d17f1ab0043ad96
b6b553efcd0b22c06adb37b10cb79e78553fa2e2de17ea0ab6ea2ba633f1b9e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "175b-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1797
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1
116.203.191.224 200 OK 12 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31466)
Hash 19b6265fe0eefdf8838b55b8d8da334d
1ff819046d6bbc267dc791f5568f1a1c8ea6f324
f92e0ffe1ac1e15904928a20dd9c2d5b4521a008d9b247f2abfbeef64baf1d1e
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "7b4f-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12022
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.5.1
116.203.191.224 200 OK 3.4 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.5.1
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (12827), with no line terminators
Hash c546487e3138415ffc1726b28f6a4e85
accd8502fea1f4eed46f6d7abc9a2b24d83921c6
0417f00ad01f03824e94f879c15730541fa8cdc1f58034bcf603823d5abbc4c6
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.5.1 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 22:25:53 GMT
etag: "321b-5d9e4b26fde40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3417
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
116.203.191.224 200 OK 4.7 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11827)
Hash 114459024aa27885f2f516416ea94e2a
f0c43e3fd49b73722f3e7fb12cb02b4a0a713f74
7149c522ab8296a61bf632979caf08f12a110a7c91dfbecd111a90ae037090d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:35 GMT
etag: "2e7c-57b172859eec0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4711
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/html5.js?ver=4.9.16
116.203.191.224 200 OK 1.3 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/html5.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (607), with CRLF line terminators
Hash 217328da62e20b392f1bda6415109a4f
db09c577fe3addb659a14a480265fe340901360f
ed9b8f5c59a67b01c8339b422792baa6ffaca07a68f25920d622b7bda519c64e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/js/html5.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "9bd-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1272
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.35 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0; data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cataleta.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:34:53 GMT
expires: Wed, 27 Mar 2024 10:34:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
age: 578240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/uploads/2018/07/Cataleta-e1532707684774.png
116.203.191.224 200 OK 18 kB URL HTTP/1.1 www.cataleta.com/wp-content/uploads/2018/07/Cataleta-e1532707684774.png
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 550 x 65, 8-bit/color RGBA, non-interlaced; data
Hash 5793521bfae03df1aae75a87401cf0c0
d88602e053ce1d66d7400aceeefb6accb749482a
8937fe1f43294226aa9186671b48a264ddb934b073766b60f9117753091b26b1
GET /wp-content/uploads/2018/07/Cataleta-e1532707684774.png HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cataleta.com/
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 03:12:13 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 20 Nov 2018 11:57:55 GMT
ETag: "45d6-57b175808f6c0"
Accept-Ranges: bytes
Content-Length: 17878
Keep-Alive: timeout=2, max=100
Content-Type: image/png
www.cataleta.com/wp-content/themes/worldwides/images/megnor/colorpicker/pattern/body-bg.png
116.203.191.224 200 OK 1.1 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/images/megnor/colorpicker/pattern/body-bg.png
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 94 x 96, 8-bit/color RGBA, non-interlaced; data
Hash 82f7e17dba07cba42d76e2ea4e3ae6ac
9cb22fe1d45c4390db58e34f1f1395f1525ac417
dd3425d42cb4e2c0f62761e8f65371cd8aaf892645a52daa562a2e485ec4b421
GET /wp-content/themes/worldwides/images/megnor/colorpicker/pattern/body-bg.png HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "422-57b16f2c44800"
accept-ranges: bytes
content-length: 1058
content-type: image/png
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/images/megnor/search.png
116.203.191.224 200 OK 1.2 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/images/megnor/search.png
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 15 x 16, 8-bit/color RGBA, non-interlaced; data
Hash c52c1a51c813e487dd54a9513bfad57b
ae301dbae30efdebf1e018cc8b2070e1a0199811
b633c370a9e8f9a70badfe0ab40bfc5ff8b6d13703de01c4bae12aa3372dbf56
GET /wp-content/themes/worldwides/images/megnor/search.png HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cataleta.com/wp-content/themes/worldwides/style.css?ver=4.9.16
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "4b2-57b16f2c44800"
accept-ranges: bytes
content-length: 1202
content-type: image/png
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/images/megnor/close.png
116.203.191.224 200 OK 991 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/images/megnor/close.png
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced; data
Hash 3217582d2bf36b22fd3c10770671573a
b6c072ce67dad6d8ff544b6f8578a49a7faf16b5
786d055e0a78cfbe8d458c09d9eb1cfc8b7ec4a6f2dd476664c14461110de3ea
GET /wp-content/themes/worldwides/images/megnor/close.png HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cataleta.com/wp-content/themes/worldwides/style.css?ver=4.9.16
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "3df-57b16f2c44800"
accept-ranges: bytes
content-length: 991
content-type: image/png
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/wordwides_antique/images/megnor/menu-separator.png
116.203.191.224 200 OK 1.1 kB URL HTTP/2 www.cataleta.com/wp-content/themes/wordwides_antique/images/megnor/menu-separator.png
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 2 x 41, 8-bit/color RGBA, non-interlaced; data
Hash 3207efd9a44f6afb0c92a2be88c33cd2
42628e3f936ef5464d954568363a862e0aa7a4db
2463618eb8235fc8b6f69f006205a076a6e17a82f2f08f00a585d676de8ba2bd
GET /wp-content/themes/wordwides_antique/images/megnor/menu-separator.png HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cataleta.com/wp-content/themes/wordwides_antique/style.css?ver=1.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "44b-57b16f2c44800"
accept-ranges: bytes
content-length: 1099
content-type: image/png
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/fonts/fonts/fontawesome-webfont.woff2?v=4.7.0
116.203.191.224 200 OK 77 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/fonts/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/worldwides/fonts/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cataleta.com
Connection: keep-alive
Referer: https://www.cataleta.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "12d68-57b16f2c44800"
accept-ranges: bytes
content-length: 77160
vary: Accept-Encoding,User-Agent
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/uploads/2018/07/header-bg.jpg
116.203.191.224 200 OK 331 kB URL HTTP/1.1 www.cataleta.com/wp-content/uploads/2018/07/header-bg.jpg
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1903x400, components 3; data
Size 331 kB (331284 bytes)
Hash b3b7654ec12e48fb7272ccd05febb4f5
c91b9d0d58bba91f5dfd053b26715c39f700d171
d0fcca9995004509364014b529d04bdb1149483d859f601c25c31808b412ec6b
GET /wp-content/uploads/2018/07/header-bg.jpg HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cataleta.com/
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 03:12:13 GMT
Server: Apache/2
Last-Modified: Tue, 20 Nov 2018 11:57:55 GMT
ETag: "50e14-57b175808f6c0"
Accept-Ranges: bytes
Content-Length: 331284
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
www.cataleta.com/wp-content/themes/worldwides/fonts/fonts/fontawesome-webfont.woff?v=4.7.0
116.203.191.224 200 OK 201 kB URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/fonts/fonts/fontawesome-webfont.woff?v=4.7.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 98024, version 4.7; data
Size 201 kB (201096 bytes)
Hash 491f92bc5c4ee145608c8ab1e4a1543c
03a0182db40555e3738845039a1a9a921902cc13
2629cd262d7f85f5a8c0f1c8b57223daa721f87f09f566ca5c381ae3a784a29d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/worldwides/fonts/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cataleta.com
Connection: keep-alive
Referer: https://www.cataleta.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "17ee8-57b16f2c44800"
accept-ranges: bytes
content-length: 98024
vary: Accept-Encoding,User-Agent
content-type: application/x-font-woff
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff?v=4.7.0
116.203.191.224 200 OK 98 kB URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff?v=4.7.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 98024, version 4.7; data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cataleta.com
Connection: keep-alive
Referer: https://www.cataleta.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:33 GMT
etag: "17ee8-57b17283b6a40"
accept-ranges: bytes
content-length: 98024
vary: Accept-Encoding,User-Agent
content-type: application/x-font-woff
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3139
Expires: Tue, 04 Apr 2023 04:04:32 GMT
Date: Tue, 04 Apr 2023 03:12:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3139
Expires: Tue, 04 Apr 2023 04:04:32 GMT
Date: Tue, 04 Apr 2023 03:12:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fde7605b95c3ac6b8de339dbd12e17b1
b44d521b31be7b3fe378a0e070c49379a6eab26e
5496cf7c705ccc67dd13f86a07d9a352424d58591aa67afe1e1361c640f8d510
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6803
x-amzn-requestid: 6c78179f-0d11-4a23-8e86-e4f05d7c7f90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fq3HrioAMF7ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4645-758850e07ef9b1512b684c35;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:57 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: fYzW2B9Nf5JLhQdDSzDsT7h-auY41wg3PSAaSI6U68BNGvtHI99W7A==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:51:49 GMT
age: 19224
etag: "b44d521b31be7b3fe378a0e070c49379a6eab26e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d1360ec3cb182322e0a0c445f57e5b7
9f71e3cd002ca8116d917c3b7fb57291099269d1
e3d216e879d771bf2507928ba1b26465c87a4202a4cdc03483f002c2826a81b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6912
x-amzn-requestid: 53fcdc8a-e064-4e81-b5ac-5d0ae4bcfdb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpuEZ-IAMFxaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-3b7b43f30dd66fae5dc9ea6a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: I29hcOKFN0L3ivDpD5pWg-Kg22Z10td_Vll6SRScTslvd__JZnJyTg==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:12 GMT
age: 19201
etag: "9f71e3cd002ca8116d917c3b7fb57291099269d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b3221e-f465-4b09-8edb-d71d2b28f571.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b3221e-f465-4b09-8edb-d71d2b28f571.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 904fe1f41565ef3b94317ec52a7203e1
b7911bd82a447c46eb419919a52ea46fa243ee0f
19e32a25d63d4696b05d167d44b640582352985928518bc2ce11973a20e9b2da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b3221e-f465-4b09-8edb-d71d2b28f571.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11387
x-amzn-requestid: 3e5b802d-c2f3-4b72-8dea-5f6452cd57d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frcED1oAMFZiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-2429f95743f7924f14ec8565;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: tdr_kJ1GbV0H6rARDLO1yy5EoMkWnaZUflx3tibj7mptRhUJu1Hw2g==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:12 GMT
age: 19201
etag: "b7911bd82a447c46eb419919a52ea46fa243ee0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad137bebd56918d96431d867ae123332
8572417b762ea2b1dccc3d4236336456be6be1cf
92a575b8055174a83ac1066e2ff931525760c9b96f3e588077ce0ce24a0a7b46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8658
x-amzn-requestid: 36fb7671-bd9a-43fc-8920-c5948711d560
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CvNkNGjHIAMFsBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6429294d-5e753ae346a583ac5cbb42f4;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 07:05:49 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UPNt2yE-_295UTjOFpgSxhrl1XjSOSgQVJoEf__wc0y5btcJ9dIT1w==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 07:22:47 GMT
age: 71366
etag: "8572417b762ea2b1dccc3d4236336456be6be1cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f029f5-9f3a-43c3-8743-b7c1d3471aeb.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f029f5-9f3a-43c3-8743-b7c1d3471aeb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b2c03b6fadb7b83d19806d4f77ad065
63ecd9cef0b72d22d513978f9406fe62a6b951ee
a297106c055dbf7e5d04b91e9cae0611c6f023107a12b5c64acea4b6edf18fa5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f029f5-9f3a-43c3-8743-b7c1d3471aeb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9398
x-amzn-requestid: 78a60a22-8a89-4106-9edc-9d07d08aeda0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpsGtroAMFpEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-4d6d38ce37d49ce915658a51;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: D8r5sg9Xz8HR5W-dMpC37V8G-LhRv3xHY1pJRnax5baNofVz6DySiQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 22:01:27 GMT
age: 18646
etag: "63ecd9cef0b72d22d513978f9406fe62a6b951ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16318447-1c81-4525-becf-32a77c9030e1.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16318447-1c81-4525-becf-32a77c9030e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c226ea23c670c61a42a6d94959e10dc
e4a946d93a63ad9fcf751fbb8e55ab18466197e2
b95c03169121047006cdab960d5564c683c6ef8755ba9ca143e0c87bcca9ed92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16318447-1c81-4525-becf-32a77c9030e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4265
x-amzn-requestid: c4bfc599-63fb-4953-b39b-45c059c99070
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CopBKHO1IAMF10A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6426886d-7adcee9a3a8156542d555ccf;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 07:14:53 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nIzZ59KreRBEwpeZdkq3VT4V04hlaB-4r7x7bGDLGgUVs5PBuYuflQ==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 08:33:26 GMT
age: 67127
etag: "e4a946d93a63ad9fcf751fbb8e55ab18466197e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cataleta.com/favicon.ico
116.203.191.224 200 OK 0 B IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cataleta.com/k3vkj/498972-cosa-mi-aspetto-dalla-scuola-dell'infanzia
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 03:12:14 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=100
Content-Type: image/vnd.microsoft.icon
cataleta.com/?wc-ajax=get_refreshed_fragments
116.203.191.224 200 OK 235 B URL HTTP/1.1 cataleta.com/?wc-ajax=get_refreshed_fragments
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (355), with no line terminators
Hash 84060ed51050dccfaff710cb0a021d14
3b374766face6728788baa1a2f4e7f2cf5f9d031
15c8c6335d01125f0783a3bc528e197953f860c208de77393c39b5fd3d1e617d
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://cataleta.com
Connection: keep-alive
Referer: http://cataleta.com/k3vkj/498972-cosa-mi-aspetto-dalla-scuola-dell'infanzia
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 03:12:13 GMT
Server: Apache/2
X-Pingback: http://www.cataleta.com/xmlrpc.php
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 235
Keep-Alive: timeout=2, max=100
Content-Type: application/json; charset=UTF-8
www.cataleta.com/?wordfence_lh=1&hid=7C4FA825249BB8BAA3C1FEE17F7C214E&r=0.7108566737741265
116.203.191.224 301 Moved Permanently 0 B URL HTTP/1.1 www.cataleta.com/?wordfence_lh=1&hid=7C4FA825249BB8BAA3C1FEE17F7C214E&r=0.7108566737741265
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?wordfence_lh=1&hid=7C4FA825249BB8BAA3C1FEE17F7C214E&r=0.7108566737741265 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cataleta.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Apr 2023 03:12:13 GMT
Server: Apache/2
X-Pingback: http://www.cataleta.com/xmlrpc.php
Location: https://www.cataleta.com/?wordfence_lh=1&hid=7C4FA825249BB8BAA3C1FEE17F7C214E&r=0.7108566737741265
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.cataleta.com/?wordfence_lh=1&hid=7C4FA825249BB8BAA3C1FEE17F7C214E&r=0.7108566737741265
116.203.191.224 200 OK 0 B URL HTTP/2 www.cataleta.com/?wordfence_lh=1&hid=7C4FA825249BB8BAA3C1FEE17F7C214E&r=0.7108566737741265
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?wordfence_lh=1&hid=7C4FA825249BB8BAA3C1FEE17F7C214E&r=0.7108566737741265 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cataleta.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-pingback: https://www.cataleta.com/xmlrpc.php
link: <https://www.cataleta.com/wp-json/>; rel="https://api.w.org/", <https://www.cataleta.com/>; rel=shortlink
x-robots-tag: noindex
content-length: 0
vary: User-Agent
content-type: text/javascript;charset=UTF-8
date: Tue, 04 Apr 2023 03:12:14 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.jscroll.min.js?ver=4.9.16
116.203.191.224 200 OK 0 B URL HTTP/2 www.cataleta.com/wp-content/themes/worldwides/js/megnor/jquery.jscroll.min.js?ver=4.9.16
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/themes/worldwides/js/megnor/jquery.jscroll.min.js?ver=4.9.16 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:29:36 GMT
etag: "130f-57b16f2c44800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2049
content-type: application/javascript
date: Tue, 04 Apr 2023 03:12:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C500%2C600%7CRaleway%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CGreat+Vibes&ver=1.0.0
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C500%2C600%7CRaleway%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CGreat+Vibes&ver=1.0.0
IP 142.250.74.106:0
GET /css?family=Oswald%3A300%2C400%2C500%2C600%7CRaleway%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CGreat+Vibes&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Apr 2023 03:12:11 GMT
date: Tue, 04 Apr 2023 03:12:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.106:0
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cataleta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Apr 2023 03:12:12 GMT
date: Tue, 04 Apr 2023 03:12:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.ttf?v=4.7.0
116.203.191.224 200 OK 0 B URL HTTP/2 www.cataleta.com/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.ttf?v=4.7.0
IP 116.203.191.224:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: www.cataleta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cataleta.com
Connection: keep-alive
Referer: https://www.cataleta.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Nov 2018 11:44:33 GMT
etag: "286ac-57b17283b6a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/x-font-ttf
date: Tue, 04 Apr 2023 03:12:13 GMT
server: Apache/2
X-Firefox-Spdy: h2