santorotto.it/
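46.37.14.198 301 Moved Permanently 162 B IP 46.37.14.198:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash MD5 4f8e702cc244ec5d4de32740c0ecbd97
SHA-1 3adb1f02d5b6054de0046e367c1d687b6cdf7aff
SHA-256 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware (note: the same 162-byte redirect body, with identical hashes, is listed further down for other santorotto.it URLs without a verdict row, so this flag appears to apply to the URL rather than to the response content)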
GET / HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 14:06:42 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7350
Expires: Thu, 01 Dec 2022 16:09:12 GMT
Date: Thu, 01 Dec 2022 14:06:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17088
Expires: Thu, 01 Dec 2022 18:51:30 GMT
Date: Thu, 01 Dec 2022 14:06:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AssD/dcvR/wQbyCL1ZBUiG41H8W59QrHB53p/YDw1k3EuvZysFNTGMMFyoQQsY4IhyRJagyf4yo=
x-amz-request-id: C8H7MEG9TK2PYANV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 13:46:17 GMT
age: 1225
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2688
Cache-Control: max-age=162558
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:42 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:16:00 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 13:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2914
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adbf3b43e92a70fcbf50b2c6cc0eb201
fb789c16557133680ef48b19a60bcf38eb52bc2d
03fe1aebb36660aac6c0a2cd69343446e7c2d3a60be6c8f57c2a239b67a82528
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03FE1AEBB36660AAC6C0A2CD69343446E7C2D3A60BE6C8F57C2A239B67A82528"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Thu, 01 Dec 2022 20:05:54 GMT
Date: Thu, 01 Dec 2022 14:06:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:11:15 GMT
cache-control: public,max-age=3600
age: 3327
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2685
Cache-Control: max-age=157491
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:43 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:51:34 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
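54.149.156.115 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.156.115:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, consistent with the 0 B body; they identify no content and should not be used as indicators)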
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vHUGOJUb0+JNjf3aaPLUsQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ShU/IhPBzCKPxJK8UbtQjkumh1U=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
46.37.14.198 200 OK 600 B URL HTTP/2 santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 46.37.14.198:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced; data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: image/png
content-length: 600
x-accel-version: 0.01
last-modified: Thu, 12 Mar 2020 13:14:45 GMT
etag: "258-5a0a822fa407e"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png
46.37.14.198 200 OK 267 B URL HTTP/2 santorotto.it/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png
IP 46.37.14.198:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced; data
Hash 9c6287bdf64843201af93ff1afbfac6c
a31d1f6a6dc624c02a6e7767bd9d5ad894c7cddb
85d05871f6315412de38a72c7164fd4917efba135ba06ed9972c502c1fd811ff
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/it.png HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: image/png
content-length: 267
x-accel-version: 0.01
last-modified: Thu, 12 Mar 2020 13:14:45 GMT
etag: "10b-5a0a822fae877"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
IP 46.37.14.198:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 14:06:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
IP 46.37.14.198:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 14:06:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
santorotto.it/wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg
IP 46.37.14.198:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 14:06:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/04/ristorante-hotel-santorotto-valdichiana-sinalunga-business.jpg
santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
IP 46.37.14.198:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/05/SANTOROTTO-logo.png HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 14:06:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
46.37.14.198 301 Moved Permanently 162 B URL HTTP/1.1 santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
IP 46.37.14.198:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2015/02/hotel_about.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 14:06:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-camera.jpg
46.37.14.198 200 OK 247 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-camera.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x1301, components 3; data
Size 247 kB (247013 bytes)
Hash b092ec371c3252723ef97d7d9bfe1e05
437290840b33d3e0cf2945454f3a73973a9fb16c
d1a0fb36e1ee99362526fa758398723fdfc0d7a8c5383ccee3953d42ea03c454
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-camera.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: image/jpeg
content-length: 247013
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-3c4e5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business.jpg
46.37.14.198 200 OK 438 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x1213, components 3; data
Size 438 kB (437857 bytes)
Hash 9e41c855cb5e2917e43bfabe3d9aa097
1bff2eba4c070fb15aaace47785f9822c0c32685
b934ff2f513c3da70b428d61696b62cfd1cac6fc0ff7efc77e338049ea88c20f
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: image/jpeg
content-length: 437857
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-6ae61"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-colazione.jpg
46.37.14.198 200 OK 490 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-colazione.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x1254, components 3; data
Size 490 kB (490345 bytes)
Hash 40ea30adefa4abcccf44e872e4e6649c
ab2b24e7c86f44b5097d1d22338b105277bcfa8b
9b67aa5e374d543b1d32529772f020c6d11eaa935b6a63d632f8d3f8d1ff0975
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-colazione.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: image/jpeg
content-length: 490345
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-77b69"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
46.37.14.198 200 OK 92 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x350, components 3; data
Hash 84a9ae6b0c4e51d147ee0e17743fada3
181f5793c6952d42f9d294bdb11d6a50c3c22af5
ec373de7d7503cd59ee54683593c48458902e65fe71954e322a467d40b481965
GET /wp-content/uploads/2019/04/sinalunga-hotel-ristorante-santorotto-val-di-chiana.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: image/jpeg
content-length: 91689
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-16629"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
46.37.14.198 200 OK 4.5 kB URL HTTP/2 santorotto.it/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
IP 46.37.14.198:0
File type ASCII text, with very long lines (9071)
Hash MD5 4a640e6f28eae325947ea8121cfdcd27
SHA-1 3361c638ac49da119b710dd21cc6351f3f6b0b0a
SHA-256 bf54cc547e4112dbcfadb45577a75394ec27f13c622a1c33d5cb796285565af4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-2eaf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.1.4
46.37.14.198 200 OK 82 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.1.4
IP 46.37.14.198:0
Hash MD5 6b2ca8b9bb4df429ddeafd176b42a211
SHA-1 1f333e04bcc79e11a492c8da5e1037f4be4b8524
SHA-256 01be52b83e5902f687ddc5b4dabf6440a40ab713c43b814bdf2d353b1d1f8038
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-1228"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/comment-reply.min.js?ver=5.1.15
46.37.14.198 200 OK 17 kB URL HTTP/2 santorotto.it/wp-includes/js/comment-reply.min.js?ver=5.1.15
IP 46.37.14.198:0
File type ASCII text, with very long lines (2160), with no line terminators
Hash MD5 39fed08ad1048e787c14c3ef85605b18
SHA-1 32dd1582693dcb8c9bf202d320e3196ee14f96f2
SHA-256 c7d4a5303cb2db753ee416e73e1e42c42971611742ba0085f7fa3fd61063e095
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-870"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
46.37.14.198 200 OK 4.4 kB URL HTTP/2 santorotto.it/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
IP 46.37.14.198:0
File type ASCII text, with very long lines (25245), with no line terminators
Hash af1e8491a4a3af99481e02b6dee6c4b8
d326c53c0ff97491287f25e705c48ab343a39a7e
42ad1fe08e310d8e910e05007c7999941f8e9123caf89b61df3c9ae87bea60d2
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-629d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0; data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://santorotto.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 66748
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/scripts.js?ver=21.1.4
46.37.14.198 200 OK 26 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/scripts.js?ver=21.1.4
IP 46.37.14.198:0
Hash bdd763408451903ab99910cb57f8cdd6
c520e9b980473b1895d7cce76d7302fe63cee78a
358d3e39c5bd05548984ba1e441abe75956f2ba647f41f7aa6976f71791dae2a
GET /wp-content/themes/betheme/js/scripts.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-10971"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.35 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://santorotto.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:01:24 GMT
expires: Wed, 29 Nov 2023 07:01:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 198319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://santorotto.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 66748
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-includes/js/wp-embed.min.js?ver=5.1.15
46.37.14.198 200 OK 94 kB URL HTTP/2 santorotto.it/wp-includes/js/wp-embed.min.js?ver=5.1.15
IP 46.37.14.198:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 659bc054348b6228699031476139c783
f62c36ec92b101cfb005de65628fb5935d945fc7
9b09e589bb651ab6f67e100025ad1ddb6f19b4ecabc3f5bbfb58f21eff049f43
GET /wp-includes/js/wp-embed.min.js?ver=5.1.15 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-56f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
46.37.14.198 200 OK 93 kB URL HTTP/2 santorotto.it/wp-content/uploads/2015/02/hotel_about.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 780x365, components 3\012- data
Hash e648ca332421ee95009f7a4f54cc284d
48bd15cf866c18612c3aa5d75f1bb821f1968f9f
b717c5e8f6e68194371309a57628d6619d204f08d89c8bc7238b010befbe4e0d
GET /wp-content/uploads/2015/02/hotel_about.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:44 GMT
content-type: image/jpeg
content-length: 92785
last-modified: Thu, 12 Mar 2020 13:14:35 GMT
etag: "5e6a35bb-16a71"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
46.37.14.198 200 OK 37 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg
IP 46.37.14.198:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x350, components 3\012- data
Hash 3800acd50b0dc79731a57b9ad3636772
4a93117f7e7b41a343b9e13eb2d646e4f64f3101
6acdb94bb64876c94ca9938af147bd17b423d9115bce70193e0e7969d34bae18
GET /wp-content/uploads/2019/04/camere-hotel-santorotto-valdichiana-sinalunga-business.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:44 GMT
content-type: image/jpeg
content-length: 36818
last-modified: Thu, 12 Mar 2020 13:14:36 GMT
etag: "5e6a35bc-8fd2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
46.37.14.198 200 OK 5.9 kB URL HTTP/2 santorotto.it/wp-content/uploads/2019/05/SANTOROTTO-logo.png
IP 46.37.14.198:0
File type PNG image data, 448 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b5f0c5f8a4356437cbf3b681ca6d64c
f775b1f2220ea034695a895394f2bc9ced88969b
e1d18da32fb673201d0e5ec8e9536bd6116b1d40fc794b437b8f4e59990eec8e
GET /wp-content/uploads/2019/05/SANTOROTTO-logo.png HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:44 GMT
content-type: image/png
content-length: 5883
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-16fb"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/images/favicon.ico
46.37.14.198 200 OK 5.4 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/images/favicon.ico
IP 46.37.14.198:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 9d1b031ca1395a94a6886087e245cb7b
f3f85d209c8f92593b568197814f0f0fcee45ad7
b47275b5b6878455d8937e95b32301f17c3caf0a233be8e864e9dc07493806f1
GET /wp-content/themes/betheme/images/favicon.ico HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:44 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: "5e6a35b9-1536"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d744382.1918873474!2d11.193374576926434!3d43.21488080542298!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x132be1ad3e70e70d%3A0x6770b4ccd7c74897!2sHotel+Santorotto!5e0!3m2!1sit!2sit!4v1558702609816!5m2!1sit!2sit
142.250.74.164 200 OK 1.4 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d744382.1918873474!2d11.193374576926434!3d43.21488080542298!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x132be1ad3e70e70d%3A0x6770b4ccd7c74897!2sHotel+Santorotto!5e0!3m2!1sit!2sit!4v1558702609816!5m2!1sit!2sit
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2425)
Hash 8d5ae8b67d5e44987a9895fa12153494
3f6ebcbaff884916fb174319cf89f4d9a06fe284
b8b933a9998d558aab6a8da2914d0823a99cedf71e6a2f6c16c0f522c39ea3b4
GET /maps/embed?pb=!1m18!1m12!1m3!1d744382.1918873474!2d11.193374576926434!3d43.21488080542298!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x132be1ad3e70e70d%3A0x6770b4ccd7c74897!2sHotel+Santorotto!5e0!3m2!1sit!2sit!4v1558702609816!5m2!1sit!2sit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 14:06:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-MjkAPqlllWYu7uAg753fCQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1359
x-xss-protection: 0
server-timing: gfet4t7; dur=230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
santorotto.it/wp-content/plugins/revslider/public/assets/assets/loader.gif
46.37.14.198 200 OK 2.5 kB URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 46.37.14.198:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
Cookie: cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:44 GMT
content-type: image/gif
content-length: 2545
last-modified: Thu, 12 Mar 2020 13:14:30 GMT
etag: "5e6a35b6-9f1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/2/intl/it_ALL/init_embed.js
142.250.74.3 200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/2/intl/it_ALL/init_embed.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (2669)
Hash 6652fb90acd6a8ad99b4871a7450299a
41514e3bd1bbe2db4e0a2fc79d5169478b243d73
7590ec2b048812104487db8b0d4a6d7b1cc09cb9cf3569dd0618466be7a6bbac
GET /maps-api-v3/embed/js/51/2/intl/it_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 21:52:44 GMT
expires: Thu, 30 Nov 2023 21:52:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 22:32:00 GMT
content-type: text/javascript
age: 58440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
46.37.14.198 200 OK 30 kB URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (11799)
Hash 38b0c6a3d32bf7f0e5a6ee6aa5f44f22
c7ad6342fa8f300921ef0e67b16f4b22ea9d0798
2c23a431144612cc99788d94c1ab74546e43c39a7ef80c55b61a098ad59864ff
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-2eec"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.1.4
46.37.14.198 200 OK 72 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.1.4
IP 46.37.14.198:0
Hash 734ed026f08230be2f7ad7ea40db3583
f7ddb98a99e9f5ad73fee1ae2ff571f8faad7c77
6540c288d272bc365d754f920c536cec6f6182bfb2136575669a6c37709649ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-266a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.1.4
46.37.14.198 200 OK 66 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.1.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (365)
Hash ffc6239484b85ffab9f62d67a74976bc
dead534cb2a6a7d9261461e5d3574c98add757f1
dfd0be24d16861a5318d3e32a030e851ebb2848a11812d0404e84dd11610db0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-48eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2387
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:06:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2387
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:06:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2387
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:06:44 GMT
Connection: keep-alive
santorotto.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
46.37.14.198 200 OK 9.7 kB URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
IP 46.37.14.198:0
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 43939d8a4d64c880f23b277ff63ed3ce
e9cf31617989987b3cde3bbeb06973c5b352666d
e3a2fc5d5a67fd4fd247b5911714438a33d11d63e1e49837f3dfaad9d1b3b2c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-9b8c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2387
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:06:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 11900
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 2228
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 58917
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 5701
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 58871
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.1
46.37.14.198 200 OK 17 kB URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.1
IP 46.37.14.198:0
Hash 1d16474ff4a4cee831e1190c507c0f5e
282f4c5339a494b9fa9fff6983f47500c0763501
6cd5768db1a019f9bdc6ae3e27779c198c1c2a2237c290f342dbf3dba7e25c70
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-583f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.1.4
46.37.14.198 200 OK 28 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.1.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (58508), with no line terminators
Hash 92c5a8447e7a1659d4784e79cfe50e20
2220e81f96bbd58b09c28eef83e63ab9abaec214
077f880893ef06df146b63ffca41d3645304095980597841287e558edcbd151e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-e48c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/base.css?ver=21.1.4
46.37.14.198 200 OK 49 kB URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/base.css?ver=21.1.4
IP 46.37.14.198:0
File type ASCII text, with very long lines (464)
Hash 87f0daf86dc6cd4945d14cf988a14867
eff0613bdf4a9dc47399b2f9bc0754062322ad84
c4736a15ad3c15f106cc286734c5e0e9443fdba0099aa81962cb304a7bfc1b4e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/base.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-da6b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 66769
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80FCQoAMFs1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:17 GMT
age: 58714
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 46.37.14.198:0
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-f59"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.1
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.1
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:27 GMT
etag: W/"5e6a35b3-553f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/layout.css?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/layout.css?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/layout.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-1ca47"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/responsive.css?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/responsive.css?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/responsive.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-dceb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-60fc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/css/shortcodes.css?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/css/shortcodes.css?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/css/shortcodes.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-2171e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:43 GMT
etag: W/"5e6a35c3-2748"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/plugins.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/plugins.js?ver=21.1.4
IP 46.37.14.198:0
GET /wp-content/themes/betheme/js/plugins.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-2f7c3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-71e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://santorotto.it/
Cookie: cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:44 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-718e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
IP 46.37.14.198:0
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-fdb5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/
46.37.14.198 200 OK 0 B IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:42 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.8.1
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.8.1
IP 46.37.14.198:0
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:27 GMT
etag: W/"5e6a35b3-b26"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:43 GMT
etag: W/"5e6a35c3-17a69"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-2172"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.1
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.1
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
last-modified: Thu, 12 Mar 2020 13:14:27 GMT
etag: W/"5e6a35b3-5c22"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A1%2C100%2C300%2C400%2C400italic%2C700%7CPatua+One%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=5.1.15
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A1%2C100%2C300%2C400%2C400italic%2C700%7CPatua+One%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=5.1.15
IP 142.250.74.106:0
GET /css?family=Roboto%3A1%2C100%2C300%2C400%2C400italic%2C700%7CPatua+One%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=5.1.15 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 14:06:43 GMT
date: Thu, 01 Dec 2022 14:06:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-1afe4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-ingresso-reception.jpg
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-ingresso-reception.jpg
IP 46.37.14.198:0
GET /wp-content/uploads/2019/04/hotel-santorotto-ristorante-sinalunga-valdichiana-business-ingresso-reception.jpg HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: image/jpeg
content-length: 455537
last-modified: Thu, 12 Mar 2020 13:14:37 GMT
etag: "5e6a35bd-6f371"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-1aab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.1
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.1
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-5d17"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-1cb35"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:33 GMT
etag: W/"5e6a35b9-cd96"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/style.css?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/style.css?ver=21.1.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/betheme/style.css?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"15e-5a0a82255f579"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.1
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.1
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.1 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:26 GMT
etag: W/"5e6a35b2-1e970"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-content/themes/betheme/js/menu.js?ver=21.1.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-content/themes/betheme/js/menu.js?ver=21.1.4
IP 46.37.14.198:0
GET /wp-content/themes/betheme/js/menu.js?ver=21.1.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2020 13:14:34 GMT
etag: W/"5e6a35ba-98d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
santorotto.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
46.37.14.198 200 OK 0 B URL HTTP/2 santorotto.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP 46.37.14.198:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: santorotto.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://santorotto.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:06:43 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 08:33:34 GMT
etag: W/"6077fa5e-c46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2