Report - www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf

Report Overview

Submitted URL
www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
IP
80.88.87.77
ASN
#31034 Aruba S.p.A.
Submitted
2022-09-01 09:46:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-07T05:09:18Z	331 B	700 B	142.250.74.3
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	648 B	499 B	31.13.72.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-07T05:09:22Z	3.2 kB	69 kB	34.120.237.76
www.corsisj2000.it	unknown			16 kB	135 kB	80.88.87.77
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-07T05:09:06Z	758 B	2.7 kB	143.204.55.27
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-07T05:09:06Z	401 B	5.8 kB	143.204.55.110
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-07T05:09:07Z	594 B	127 B	52.89.255.30
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-07T05:09:11Z	1.2 kB	51 kB	31.13.72.12
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-07T08:27:55Z	1.3 kB	21 kB	142.250.74.174
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-07T05:09:07Z	1.3 kB	3.5 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-07T05:09:06Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-07T09:34:07Z	658 B	1.5 kB	93.184.220.29
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-07T05:10:14Z	408 B	6.6 kB	69.16.175.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-01	medium	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/fonts/bebasneue-webfont.woff2	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/fonts/nimbussannovtheacon-webfont.woff2	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/fonts/nimbussannovtmedcon-webfont.woff2	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/plugins/customer-area/skins/frontend/default-v4/assets/css/styles.min.css?ver=6.1.1	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.uniform.min.js	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/plugins/custom-registration-form-builder-with-submission-manager/css/crf-style-default.css?ver=5.4.11	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/js/imgLiquid-min.js	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/js/core.js	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-includes/css/dashicons.min.css?ver=5.4.11	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.bxslider.min.js	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/js/modernizr.custom.84053.js	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.min.js	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/collapse.js?ver=6.1.1	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/dropdown.js?ver=6.1.1	Phishing
2022-09-01	medium	www.corsisj2000.it/wp-includes/js/wp-embed.min.js?ver=5.4.11	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.bxslider.min.js	19 kB	2023-03-07	2024-04-22
Pretty URL www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.bxslider.min.js IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2024-04-22 11:43:57 Times Seen86 Hash 5c83038b12fd87f6d6b489e43954e6b6 a16b99c6348bc563c1bb8cb78e318505f019bb8c 3689c3ef836a9b42eac35e963ccba2af7f4506dcd49c4895965d29bdf089f60a Loading...

	www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.min.js	96 kB	2023-03-07	2024-04-19
Pretty URL www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.min.js IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:24 Last Seen2024-04-19 07:51:17 Times Seen1362 Hash 9aecea3830b65ecad103ee84bd5fe294 47ecdf62eb3cf45ba4867846cb61afa70369d23a a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec Loading...

	www.corsisj2000.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4	3.9 kB	2023-03-07	2024-04-15
Pretty URL www.corsisj2000.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:28 Last Seen2024-04-15 15:38:28 Times Seen3887 Hash e6784d91bf2c668bc4093063c5b15113 687e1d2e957a821280dbd205ae66182f16dfdc30 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17 Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	654 B	2023-03-07	2024-01-25
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2024-01-25 20:55:41 Times Seen12 Hash e206cd61362a36982207140ac03b12f2 abd41d789c13873d024d63546059ba1f8efbec1b e8b181fc241adc750111f2d28a75203462603eea9e3610d13f35da49ec9fbd78 Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.78	65 kB	2023-03-07	2023-03-17
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.78 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-03-17 12:55:45 Times Seen1 Hash f5c40477b0b66b551c4b722e73f921c1 8483804ee9c9dcf3ecf6a017f293239c0f4c69ad d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23 Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	215 B	2023-03-07	2024-04-22
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-22 18:20:55 Times Seen2905 Hash 35cbb7b9895191e5bfe46064786c9d54 26a3d66370d64124f84a78d0eff4fff02c6b6991 c2982a05f154f49ade6e669b1521734bb5b5e63503edc841e56e957b31063ec5 Loading...

	www.corsisj2000.it/wp-includes/js/wp-embed.min.js?ver=5.4.11	1.4 kB	2023-03-07	2024-04-22
Pretty URL www.corsisj2000.it/wp-includes/js/wp-embed.min.js?ver=5.4.11 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-22 22:46:20 Times Seen6871 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	www.corsisj2000.it/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4	36 kB	2023-03-07	2024-03-27
Pretty URL www.corsisj2000.it/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:50 Last Seen2024-03-27 18:44:49 Times Seen801 Hash a236bd4097fcbfb009f64238dc4443a1 ddbeeaa10749e4a74fe624ced0531b9243235dd2 2c3f3b95a692312d9b75815ecb949a40c2a701ff148fe865fde55556c810a22c Loading...

	www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/collapse.js?ver=6.1.1	4.8 kB	2023-03-07	2023-08-06
Pretty URL www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/collapse.js?ver=6.1.1 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-08-06 15:30:05 Times Seen3 Hash fe38bb85d5b1696380506bfda6c68370 e78aa37f1683fec34f843e8a89a7529ba43f0d55 0576c4ae6a31718f13ef94a1feb7553c96f39df52afd81f4ea75c33081b0474e Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	382 B	2023-03-07	2024-04-11
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-11 14:36:29 Times Seen1005 Hash fc9be1f90b34ea9b460669e6d39663ed a5df6bb03ac3c2a09f07e0bc7ab0b5f9553b5c8e 31bd4b0882dd13a90dab3b1fb9795f645979fa959e17f5873865fe1a5f9f912c Loading...

	connect.facebook.net/signals/config/744282613456576?v=2.9.78&r=stable	299 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/signals/config/744282613456576?v=2.9.78&r=stable IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-03-07 12:02:38 Times Seen1 Hash 10cf27b30bcdbeef564577e60a29acc7 e2e7cb32644ece0e5bba69f064faa64400135c39 9dbed7b1ab34fc1d77311d37b07fb2d465b019581ab128e1590c1bb841b74ab6 Loading...

	www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/dropdown.js?ver=6.1.1	4.2 kB	2023-03-07	2023-08-06
Pretty URL www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/dropdown.js?ver=6.1.1 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-08-06 15:30:05 Times Seen3 Hash 6963be10a2133f227f3486faa39069f5 64a75c6ad41874ca3eff114a995feee1f1cdd115 7e6f445218c1b043205fa5e6325d195475a01aa0fc27bdea9c94be2c2eb2d504 Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	33 B	2023-03-07	2024-04-10
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-10 08:27:28 Times Seen468 Hash 5850b11cf2e56e5715422af511623acb 06f00cd661cdab1c17d5205f3663ad18cb4286fa 658df6612fe50894b16579a987b8d181956854ba1e23e47f0e3dd0cd92b1e668 Loading...

	www.corsisj2000.it/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11	14 kB	2023-03-07	2024-04-18
Pretty URL www.corsisj2000.it/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-18 02:51:38 Times Seen2868 Hash c8d5a4cd14632bc2bdf15b5e45ca9d4d cdf210b710c2792eda450a1a11e5dc1f8dae8594 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694 Loading...

	www.corsisj2000.it/wp-content/themes/sj2000/js/core.js	2.6 kB	2023-03-07	2023-08-06
Pretty URL www.corsisj2000.it/wp-content/themes/sj2000/js/core.js IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-08-06 15:30:05 Times Seen2 Hash 76306e2854475bcb7509eca365141a77 e9338dacd0bf86d86548eb15c21726eb46f084bc ad5bc7fe3b2a713aa3e53b7f897179db7261e5dfb240d9549455a2f646f269a4 Loading...

	www.corsisj2000.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-04-23
Pretty URL www.corsisj2000.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-23 05:14:55 Times Seen37149 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	www.corsisj2000.it/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2	9.3 kB	2023-03-07	2024-04-07
Pretty URL www.corsisj2000.it/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-07 18:52:19 Times Seen400 Hash 6a229fc927df63e2b5f436bb01d2c37f d09285c647f007d920a36aced75a0179d40ff4cb dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8 Loading...

	www.corsisj2000.it/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-04-20
Pretty URL www.corsisj2000.it/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-20 09:49:39 Times Seen17722 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	480 B	2023-03-07	2023-03-07
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-03-07 12:02:38 Times Seen1 Hash c408b3fefd37f8b4232f9aa0d80774a1 41d10f7943f39c162c407cd40254a06edeb735a4 0d0d908b1528a8ea1c87f08801aabe7d950648c0b4393c33d587c28c8d623319 Loading...

	www.corsisj2000.it/wp-content/themes/sj2000/js/imgLiquid-min.js	5.1 kB	2023-03-07	2024-04-19
Pretty URL www.corsisj2000.it/wp-content/themes/sj2000/js/imgLiquid-min.js IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:30 Last Seen2024-04-19 12:10:07 Times Seen82 Hash bad96a259d72d0b3e1987f6c254b6009 5d53fed1295f66c30406a11bf529b00b1e7cc6a3 cf870c4dda3ba0d8cac654a81837bacdb183c4106ef6ed12663019b3cc739960 Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	82 B	2023-03-07	2023-03-07
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-03-07 12:02:38 Times Seen1 Hash f475fbb9e6c1298d33bb8144527e085b 76887a8c5dae3bfb1cbc3dbc9cc67b7bc07e90e3 354e70043775572ca4b8856bb61b2e5439dc271edc245e2049b32ff15ea532f3 Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	428 B	2023-03-07	2023-08-06
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-08-06 15:30:05 Times Seen2 Hash a08e53b262536e6be5ff1f0e46f57c9d 2d9f2482f912a215d5a984c878413a0965cf9484 8010503e7f1464c4f38e04c42976bc8bffc4fef1c5928c7a0e252c3998f89e6a Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-07	2023-03-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:32 Last Seen2023-03-10 21:11:15 Times Seen1 Hash 5305b4c3687465914bde30aa6b980757 d60bd17643d1af61efc22a75d62efa91d7f1fa68 f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.corsisj2000.it/wp-content/themes/sj2000/js/modernizr.custom.84053.js	14 kB	2023-03-07	2023-08-06
Pretty URL www.corsisj2000.it/wp-content/themes/sj2000/js/modernizr.custom.84053.js IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-08-06 15:30:05 Times Seen3 Hash 11477dab291474ceeaf05e08e4f9031b f3784c60df9ba34ce27287e41d801c1586a4ab6b 4e3b2ca118777c877bfc055b4b9276fe25972c62d5cb8eec5f1b13e86597768a Loading...

	www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.uniform.min.js	8.3 kB	2023-03-07	2024-04-17
Pretty URL www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.uniform.min.js IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:32 Last Seen2024-04-17 13:10:38 Times Seen680 Hash 2842654782a75cbbc8cd66c60b72631d ef3a49fe1bcf31cca95cdee5563928a850a1b154 8a41d60f7762f2db0792fd909c3c09725f93d8fe1e94efcb2ca04293921e277a Loading...

	www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf	2.3 kB	2023-03-07	2023-03-07
Pretty URL www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-03-07 12:02:38 Times Seen1 Hash b01edfa625eae3fccead4b787cbb729c 5670a009c577c64b0341151ba32265003fc11852 4f087f8b855bcceda65b6c548141cc705ff81df51987dbd1308c13707a5a960d Loading...

	www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/transition.js?ver=6.1.1	1.5 kB	2023-03-07	2023-08-06
Pretty URL www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/transition.js?ver=6.1.1 IP 80.88.87.77 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:38 Last Seen2023-08-06 15:30:05 Times Seen3 Hash 73b86346a2de6c461c0f580aed607a35 1af446d44db86e3fedc4c0fd59488f65a8c42d03 d65f2c5b1a9010cdc69bdcdef617d2fcbf47ed545f8093cfb553ebcc290f5f73 Loading...

HTTP Transactions (56)

URL IP Response Size

www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf

80.88.87.77

301 Moved Permanently

162 B

URL HTTP/1.1
www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/06/giayit.pdf HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Sep 2022 09:46:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8799
Expires: Thu, 01 Sep 2022 12:13:25 GMT
Date: Thu, 01 Sep 2022 09:46:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 09:31:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vo31jcGVS_rJnbHbDmJQEwwz92bHUoBtcFColrxbtg_CiMeCbYFDPg==
Age: 920

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VFnwHtcC5fgas4d_noC7H9Ew8LRjLR-Q4M_b1j4PnFcvuhPGKzE3ww==
age: 30690
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d97ea37f34010f72f0a73f0c6c56a48
258307d096ffe4dc496230d0d5e904d34ab5e904
ae658336ab7ea352a7cee923e807878d3e606fd1ccecfd3bc267f359c931ec6f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE658336AB7EA352A7CEE923E807878D3E606FD1CCECFD3BC267F359C931EC6F"
Last-Modified: Wed, 31 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Thu, 01 Sep 2022 15:46:42 GMT
Date: Thu, 01 Sep 2022 09:46:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 01 Sep 2022 08:57:05 GMT
Cache-Control: max-age=3600
Expires: Thu, 01 Sep 2022 09:55:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ulwGoFNtcF1bBkbeTpqCglyS4j8G602xRn2e-NQ_s8MhKvr7YVXwIw==
Age: 2982

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6506
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 09:46:47 GMT
Last-Modified: Thu, 01 Sep 2022 07:58:21 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css?ver=5.4.11

69.16.175.10

200 OK

6.1 kB

URL HTTP/2
code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css?ver=5.4.11
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (1339)
Size
6.1 kB (6132 bytes)
Hash
e5c5ed0e0ea2b8cefdd4a5e9ae3e6642
e629ba212bd59ed026e605cb2dacec1629ad8d60
5252969a190dbbb7636f7b3808d8f46f6af26e6701dc7533479f372091911b00

HTTP Headers

GET /ui/1.11.0/themes/smoothness/jquery-ui.css?ver=5.4.11 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 09:46:47 GMT
content-encoding: gzip
content-length: 6132
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-8005"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662025607.dop017.sk1.t,1662025607.cds068.sk1.hn,1662025607.cds251.sk1.c
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/img/logo.jpg

80.88.87.77

200 OK

13 kB

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/img/logo.jpg
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 275x93, components 3\012- data
Size
13 kB (12780 bytes)
Hash
8267945777dda53678adf6b146f73676
1a4503ce0c39ebf322d8da0b2ae60d95dcd01480
00525433a435fdad0cad507e2aa67d5b9270ab0e7ec65240ca6daa65929c6cd0

HTTP Headers

GET /wp-content/themes/sj2000/img/logo.jpg HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: image/jpeg
content-length: 12780
last-modified: Wed, 22 Apr 2020 15:30:18 GMT
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: "5ea0630a-31ec"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.255.30

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.255.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b9THqeckbP2IIlxMpI48gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vrGP6z2FEx84hAocd2UXVHaTK3g=

www.corsisj2000.it/wp-content/themes/sj2000/img/nav_arrowDown.png

80.88.87.77

200 OK

947 B

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/img/nav_arrowDown.png
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
PNG image data, 7 x 4, 8-bit/color RGBA, non-interlaced\012- data
Size
947 B (947 bytes)
Hash
c23d937daed93596f62de9a8b0907dc7
5e33631945eabfaf2e5e73af2670be338dc4e09b
f9c7b30f5e14405432bc9d8a977663cab8fad79ef698773f7b087725f74e70fe

HTTP Headers

GET /wp-content/themes/sj2000/img/nav_arrowDown.png HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/themes/sj2000/style.css
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: image/png
content-length: 947
vary: User-Agent
x-accel-version: 0.01
last-modified: Wed, 22 Apr 2020 15:30:16 GMT
etag: "3b3-5a3e2cf18d200"
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/fonts/bebasneue-webfont.woff2

80.88.87.77

200 OK

16 kB

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/fonts/bebasneue-webfont.woff2
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
Web Open Font Format (Version 2), TrueType, length 15692, version 1.6619\012- data
Size
16 kB (15692 bytes)
Hash
2d696f85741fd8227bb8cce7dd346c59
bf59d86ec86f508cccafbf64a567ecfb5ab621ca
9daf2cf2dda9e973a46d35aa6d7f53f841876d9ddfa12385417e17dbd2aa07d6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/fonts/bebasneue-webfont.woff2 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/themes/sj2000/style.css
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: font/woff2
content-length: 15692
last-modified: Wed, 22 Apr 2020 15:30:06 GMT
etag: "5ea062fe-3d4c"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/fonts/nimbussannovtheacon-webfont.woff2

80.88.87.77

200 OK

22 kB

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/fonts/nimbussannovtheacon-webfont.woff2
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
Web Open Font Format (Version 2), TrueType, length 22216, version 1.327\012- data
Size
22 kB (22216 bytes)
Hash
97ba1d72e3e49157e26bf911dabce6b0
ac48bd49d7fc3d136b7b82fae50a0e067fc8d81d
e04832c4254108f219b87f7153328b2a10d55634f182e912dae9311030ef541b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/fonts/nimbussannovtheacon-webfont.woff2 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/themes/sj2000/style.css
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: font/woff2
content-length: 22216
last-modified: Wed, 22 Apr 2020 15:30:04 GMT
etag: "5ea062fc-56c8"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/fonts/nimbussannovtmedcon-webfont.woff2

80.88.87.77

200 OK

22 kB

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/fonts/nimbussannovtmedcon-webfont.woff2
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
Web Open Font Format (Version 2), TrueType, length 22388, version 1.327\012- data
Size
22 kB (22388 bytes)
Hash
03c6941eadcd4e2dbf6322f304089e1d
bd763a62a6793c1617dc0eaf5a16043a74d00833
182a430eff3f6826178de6e8f976b5c49bb04922898b9d04d1edf7319d9c32b3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/fonts/nimbussannovtmedcon-webfont.woff2 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/themes/sj2000/style.css
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: font/woff2
content-length: 22388
last-modified: Wed, 22 Apr 2020 15:30:04 GMT
etag: "5ea062fc-5774"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/plugins/customer-area/skins/frontend/default-v4/assets/css/styles.min.css?ver=6.1.1

80.88.87.77

200 OK

41 kB

URL HTTP/2
www.corsisj2000.it/wp-content/plugins/customer-area/skins/frontend/default-v4/assets/css/styles.min.css?ver=6.1.1
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
41 kB (41362 bytes)
Hash
49079405b63916c8092a8ee8e9f48500
09d6c4444696fd0bb470823b40dd63720397e6a9
c4a6c6151fd951943ae22eb8be5cc5a609de0a39c4b80aa38653b3fb6636cf35

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/customer-area/skins/frontend/default-v4/assets/css/styles.min.css?ver=6.1.1 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: text/css
last-modified: Wed, 24 Jun 2020 14:54:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef36929-2665c"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.uniform.min.js

80.88.87.77

200 OK

3.3 kB

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.uniform.min.js
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (8308), with no line terminators
Size
3.3 kB (3323 bytes)
Hash
3c3fa4347d499aec4359bcd7a5a8c3dc
5e4e089c91af3c0d61a8e18565c0649a28fd2aa5
df451a1e2e5e113c2d1330843796af2ed4c1be582c673636def47ee32e7ecbd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/js/jquery.uniform.min.js HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Apr 2020 15:30:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ea062fa-2074"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26683 bytes)
Hash
3886a53246a3dfaac5f51aade9081703
3b5d9435d9630584c20a57aac39e497d8eace989
aa1df43802d0b9cd71d4f1beb49efdfe2e6f4665862c2510d90ddeb0ca7453c8

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8vQ5vozDW2R4tKnJTsHkYZxBILH62BNWMygTmC0Nf2MCR3OkTlei3qmtbv/oKeItN54JLBXiZKpooBjNNSDrqg==
priority: u=3,i
content-length: 26683
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 09:46:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11

80.88.87.77

200 OK

1.5 kB

URL HTTP/2
www.corsisj2000.it/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (5461), with no line terminators
Size
1.5 kB (1481 bytes)
Hash
73bfb8e43d8a1e4f59bcfca9d945c44e
0b06ea4cafe390ab1c69eb9f6349c709e4a7b160
4b053459f9d2f61d839f8009469a2e7fe6b4e8016b0dc0028f7720f21495d51a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: text/css
last-modified: Wed, 24 Jun 2020 15:01:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef36acd-1555"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 01 Sep 2022 08:41:12 GMT
expires: Thu, 01 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 3936
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
345c982ec6af16250abc3cfceefc2aca
66711b2640ee505b079e907bbce2233cad0b687c
b3bac8ebd249787713bae59dd97a45da5d9728d2615a91fa9778c3fc20a8f1e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5556
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 09:46:48 GMT
Last-Modified: Thu, 01 Sep 2022 08:14:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/signals/plugins/identity.js?v=2.9.78

31.13.72.12

200 OK

21 kB

URL HTTP/2
connect.facebook.net/signals/plugins/identity.js?v=2.9.78
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (60036)
Size
21 kB (20715 bytes)
Hash
703b94b52d28f1e141de2f87bf8c1c1c
e2c615d215960b30a3d750fd277076fc48106106
c363dae6148c5c4822fd1083a8850e0682f710714c21fe3da6de7bebd5b806fd

HTTP Headers

GET /signals/plugins/identity.js?v=2.9.78 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: SUJsIvIgxxOSmANkkXsXZk90MuHR8E47F1DNoicpXTQSdVggii3TgXgaQDZyToTMgX8BQfLpg8Aj9cPi4iB4Ug==
content-length: 20715
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 09:46:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 09:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1958169770&t=pageview&_s=1&dl=https%3A%2F%2Fwww.corsisj2000.it%2Fwp-content%2Fuploads%2F2022%2F06%2Fgiayit.pdf&ul=en-us&de=UTF-8&dt=Pagina%20non%20trovata%20-%20Corsi%20SJ2000%20-%20Corsi%20SJ2000%20-%20Corsi%20pratici%20di%20preparazione%20all%27esame%20di%20avvocato%20in%20emilia%20romagna&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=471458755&gjid=22123319&cid=1948944105.1662025608&tid=UA-40129440-1&_gid=2120664336.1662025608&_r=1&_slc=1&z=1725730851

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1958169770&t=pageview&_s=1&dl=https%3A%2F%2Fwww.corsisj2000.it%2Fwp-content%2Fuploads%2F2022%2F06%2Fgiayit.pdf&ul=en-us&de=UTF-8&dt=Pagina%20non%20trovata%20-%20Corsi%20SJ2000%20-%20Corsi%20SJ2000%20-%20Corsi%20pratici%20di%20preparazione%20all%27esame%20di%20avvocato%20in%20emilia%20romagna&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=471458755&gjid=22123319&cid=1948944105.1662025608&tid=UA-40129440-1&_gid=2120664336.1662025608&_r=1&_slc=1&z=1725730851
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

HTTP Headers

POST /j/collect?v=1&_v=j96&aip=1&a=1958169770&t=pageview&_s=1&dl=https%3A%2F%2Fwww.corsisj2000.it%2Fwp-content%2Fuploads%2F2022%2F06%2Fgiayit.pdf&ul=en-us&de=UTF-8&dt=Pagina%20non%20trovata%20-%20Corsi%20SJ2000%20-%20Corsi%20SJ2000%20-%20Corsi%20pratici%20di%20preparazione%20all%27esame%20di%20avvocato%20in%20emilia%20romagna&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=471458755&gjid=22123319&cid=1948944105.1662025608&tid=UA-40129440-1&_gid=2120664336.1662025608&_r=1&_slc=1&z=1725730851 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.corsisj2000.it
Connection: keep-alive
Referer: https://www.corsisj2000.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.corsisj2000.it
date: Thu, 01 Sep 2022 09:46:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.corsisj2000.it/favicon.ico

80.88.87.77

302 Found

0 B

URL HTTP/2
www.corsisj2000.it/favicon.ico
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 01 Sep 2022 09:46:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.corsisj2000.it/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: User-Agent
location: https://www.corsisj2000.it/wp-includes/images/w-logo-blue-white-bg.png
x-cache-status: BYPASS
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=744282613456576&ev=PageView&dl=https%3A%2F%2Fwww.corsisj2000.it%2Fwp-content%2Fuploads%2F2022%2F06%2Fgiayit.pdf&rl=&if=false&ts=1662025608161&sw=1280&sh=1024&v=2.9.78&r=stable&a=wordpress-5.4.11-3.0.6&ec=0&o=30&fbp=fb.1.1662025608160.17943675&it=1662025608004&coo=false&rqm=GET

31.13.72.36

200 OK

44 B

URL HTTP/2
www.facebook.com/tr/?id=744282613456576&ev=PageView&dl=https%3A%2F%2Fwww.corsisj2000.it%2Fwp-content%2Fuploads%2F2022%2F06%2Fgiayit.pdf&rl=&if=false&ts=1662025608161&sw=1280&sh=1024&v=2.9.78&r=stable&a=wordpress-5.4.11-3.0.6&ec=0&o=30&fbp=fb.1.1662025608160.17943675&it=1662025608004&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

HTTP Headers

GET /tr/?id=744282613456576&ev=PageView&dl=https%3A%2F%2Fwww.corsisj2000.it%2Fwp-content%2Fuploads%2F2022%2F06%2Fgiayit.pdf&rl=&if=false&ts=1662025608161&sw=1280&sh=1024&v=2.9.78&r=stable&a=wordpress-5.4.11-3.0.6&ec=0&o=30&fbp=fb.1.1662025608160.17943675&it=1662025608004&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Thu, 01 Sep 2022 09:46:48 GMT
expires: Thu, 01 Sep 2022 09:46:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/images/w-logo-blue-white-bg.png

80.88.87.77

200 OK

4.1 kB

URL HTTP/2
www.corsisj2000.it/wp-includes/images/w-logo-blue-white-bg.png
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Connection: keep-alive
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e; _ga=GA1.2.1948944105.1662025608; _gid=GA1.2.2120664336.1662025608; _gat=1; _fbp=fb.1.1662025608160.17943675
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:48 GMT
content-type: image/png
content-length: 4119
last-modified: Wed, 24 Jun 2020 09:32:35 GMT
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:48 GMT
etag: "5ef31db3-1017"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4113
Expires: Thu, 01 Sep 2022 10:55:22 GMT
Date: Thu, 01 Sep 2022 09:46:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4113
Expires: Thu, 01 Sep 2022 10:55:22 GMT
Date: Thu, 01 Sep 2022 09:46:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761bec2c-917c-4d76-b30f-d952432e80ae.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761bec2c-917c-4d76-b30f-d952432e80ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8243 bytes)
Hash
f6f2d3a00d6d7da233136a2f97288438
db7ad928f5cb3478e16a4827aa1324d5f0441aee
e52e34961bd591a719e421a2c42681ae4e7f53162e708c0e1cd23a032b8c1461

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761bec2c-917c-4d76-b30f-d952432e80ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8243
x-amzn-requestid: cf7ca552-b255-4629-8115-9dd951f9c4c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i4EKBoAMFxPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-38f269ff114135be10791fd7;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cgMiw354TldS7AQAID-oF-ueF9g9HBslGnMLTjOXiU4Sf6LTBVkILg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:41 GMT
age: 43748
etag: "db7ad928f5cb3478e16a4827aa1324d5f0441aee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11031 bytes)
Hash
494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fo9YF1JJrYUMp7y9uM7av78_409D9n4ZWSaeydPAH7HuQzd8vOPiRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:36:46 GMT
age: 43803
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16818 bytes)
Hash
12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 13:40:03 GMT
age: 72406
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7037 bytes)
Hash
5462f9cd42022db20960e7e427a3435b
46c5459c2180470d9ef093e0462864a50aecec04
7a5d4e5f5640ea5e11e5ef09404c6c5c1b35274749a7008b8012c5596193e2d4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7037
x-amzn-requestid: 87fe6c4c-b2f0-4253-a49a-9b7dbb25489e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdMltH-AIAMF8VQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63085af1-32d919c1565746a82988166d;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 05:32:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lzxHj95apcrjk7qJ79reTnyZunJJOo7TCWrhc9HnlfR-HGgcpH9Z9Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:04:57 GMT
age: 20512
etag: "46c5459c2180470d9ef093e0462864a50aecec04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1oGbbOSjJza6WWt0IDMqwsZkCk07uevGo0wML4y5LiexzhqlcHt3lA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:45:21 GMT
age: 68488
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10137 bytes)
Hash
ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1ELVJBwpf4d3Fbspah-2KCSXx08D8_ZAgcZZjQSJdkMIUmtNmGJOw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:05 GMT
age: 17264
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

connect.facebook.net/signals/config/744282613456576?v=2.9.78&r=stable

31.13.72.12

200 OK

0 B

URL HTTP/2
connect.facebook.net/signals/config/744282613456576?v=2.9.78&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /signals/config/744282613456576?v=2.9.78&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: KOjOp3EHTxGMvFHFjTMeMKi9Tg27/zUzq9aLsFMIZ7n22TvcLAcCDrsrsoOKZfaD8Y4QNyvUkEERmDQ/hSNCDg==
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 09:46:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.11 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: text/css
last-modified: Wed, 24 Jun 2020 09:33:08 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef31dd4-d159"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 09:33:00 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef31dcc-2748"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/plugins/custom-registration-form-builder-with-submission-manager/css/crf-style-default.css?ver=5.4.11

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/plugins/custom-registration-form-builder-with-submission-manager/css/crf-style-default.css?ver=5.4.11
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/css/crf-style-default.css?ver=5.4.11 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: text/css
last-modified: Wed, 24 Jun 2020 15:27:27 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef370df-17f4"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/js/imgLiquid-min.js

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/js/imgLiquid-min.js
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/js/imgLiquid-min.js HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Apr 2020 15:30:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ea062fa-13f2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/js/core.js

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/js/core.js
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/js/core.js HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Apr 2020 15:30:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ea062fa-a34"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/css/dashicons.min.css?ver=5.4.11

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/css/dashicons.min.css?ver=5.4.11
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=5.4.11 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: text/css
last-modified: Fri, 16 Apr 2021 00:34:31 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"6078db97-b9cc"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf

80.88.87.77

404 Not Found

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/06/giayit.pdf HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.corsisj2000.it/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e; path=/
vary: Accept-Encoding, User-Agent
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 15:01:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef36acd-2474"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/transition.js?ver=6.1.1

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/transition.js?ver=6.1.1
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/customer-area/libs/bootstrap/js/transition.js?ver=6.1.1 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 14:53:28 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef368e8-608"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.11 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Fri, 16 Apr 2021 00:34:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"6078db99-363c"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Fri, 16 Apr 2021 00:34:32 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"6078db98-f59"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Fri, 16 Apr 2021 00:34:32 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"6078db98-8d4c"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.bxslider.min.js

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.bxslider.min.js
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/js/jquery.bxslider.min.js HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Apr 2020 15:30:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ea062fa-4abc"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/js/modernizr.custom.84053.js

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/js/modernizr.custom.84053.js
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/js/modernizr.custom.84053.js HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Apr 2020 15:30:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ea062fa-388a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.min.js

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/js/jquery.min.js
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/sj2000/js/jquery.min.js HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Apr 2020 15:30:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ea062fa-176bf"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/collapse.js?ver=6.1.1

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/collapse.js?ver=6.1.1
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/customer-area/libs/bootstrap/js/collapse.js?ver=6.1.1 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 14:53:28 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef368e8-12e8"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 09:33:00 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef31dcc-17a69"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/dropdown.js?ver=6.1.1

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/plugins/customer-area/libs/bootstrap/js/dropdown.js?ver=6.1.1
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/customer-area/libs/bootstrap/js/dropdown.js?ver=6.1.1 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 14:53:28 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ef368e8-1096"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-includes/js/wp-embed.min.js?ver=5.4.11

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-includes/js/wp-embed.min.js?ver=5.4.11
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.4.11 HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: application/javascript
last-modified: Fri, 16 Apr 2021 00:34:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"6078db99-592"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.corsisj2000.it/wp-content/themes/sj2000/style.css

80.88.87.77

200 OK

0 B

URL HTTP/2
www.corsisj2000.it/wp-content/themes/sj2000/style.css
IP
80.88.87.77:0
ASN
#31034 Aruba S.p.A.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/sj2000/style.css HTTP/1.1
Host: www.corsisj2000.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.corsisj2000.it/wp-content/uploads/2022/06/giayit.pdf
Cookie: PHPSESSID=15sk10n92v5a10vj6vol45f41e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:46:47 GMT
content-type: text/css
last-modified: Wed, 22 Apr 2020 15:30:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Sat, 01 Oct 2022 09:46:47 GMT
etag: W/"5ea062fa-a35e"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations