r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6524
Expires: Wed, 21 Sep 2022 23:38:14 GMT
Date: Wed, 21 Sep 2022 21:49:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 21:23:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a_Tl27qTpagYG-N5pBL0yUp3mHzqhZRAsmEP4AYcbLl6k8eSel4aSw==
Age: 1536
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4810
Expires: Wed, 21 Sep 2022 23:09:40 GMT
Date: Wed, 21 Sep 2022 21:49:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +ovKVBS/5o4xxvaXmLcpk9V+Hyb4GFmcSylGTj8PGFyBjUklc64NXgjsQZ1JRdNxTM9YH7ZvNtgqpmCl0BcK2A==
x-amz-request-id: MPYABEE102RR9AFH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Sep 2022 21:43:27 GMT
age: 363
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 21:49:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 21:03:22 GMT
Expires: Wed, 21 Sep 2022 21:55:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IQrLhps6b3BCydPO-EkkrBWdzTFhav58g9P5c8U9AHlwfD7wTw77wQ==
Age: 2769
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4274
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:31 GMT
Last-Modified: Wed, 21 Sep 2022 20:38:17 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.91.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pIX4YAtuBUclBg3J/GMueg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QuS2+C6p7dboji5JOShsRtpS8G0=
rosaroll70.it/
95.141.34.210 301 Moved Permanently 0 B IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
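Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty content, consistent with the 0 B redirect body; they match every empty response and identify no payload, so they are not usable as indicators for this host.)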
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 21:49:30 GMT
Server: Apache
Cache-Control: no-cache
X-Redirect-By: WordPress
Location: https://rosaroll70.it/
X-Powered-By: PHP/7.3.27, PleskLin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bdeb4079bd8d27da76aa448b6f8eecca
fc5c53106fcd435f07b8c214fabdc020db818ea8
7110c3e764ef59c8b5684dcc6dbf09464ccd3d25c37b4e47a76a3376b8dd6e08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7110C3E764EF59C8B5684DCC6DBF09464CCD3D25C37B4E47A76A3376B8DD6E08"
Last-Modified: Mon, 19 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Sep 2022 03:49:32 GMT
Date: Wed, 21 Sep 2022 21:49:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4995
Expires: Wed, 21 Sep 2022 23:12:48 GMT
Date: Wed, 21 Sep 2022 21:49:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4995
Expires: Wed, 21 Sep 2022 23:12:48 GMT
Date: Wed, 21 Sep 2022 21:49:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 19:20:13 GMT
age: 8960
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1976af26c5d4a671c8298bffafc90ce3
9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NdQpOGtyA7AxpmkvFf3K3IrkgSku9QQzQ4BvpoRfTv16Kj1Gr6n7oA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:34:13 GMT
age: 51320
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 85345
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 54218
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 84876
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 84868
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rosaroll70.it/
95.141.34.210 301 Moved Permanently 0 B IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
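Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty content, consistent with the 0 B redirect body; they match every empty response and identify no payload, so they are not usable as indicators for this host.)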
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 21:49:32 GMT
Server: Apache
Cache-Control: no-cache
X-Redirect-By: WordPress
Location: https://www.rosaroll70.it/
X-Powered-By: PHP/7.3.27, PleskLin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.rosaroll70.it/
95.141.34.210 200 OK 19 kB IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 140cfee0645721278b42d09aa48f1aaa
29324100716b300984dde271da945dd5e4ebb8d3
bdcbf3cf7da931ed8f885e5557a81e0f25d835ab9bf4adbf93b14c00626f1afb
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Cache-Control: no-cache
Content-Encoding: gzip
WPO-Cache-Status: cached
Last-Modified: Fri, 02 Sep 2022 11:50:27 GMT
X-Powered-By: PHP/7.3.27, PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.rosaroll70.it/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2
95.141.34.210 200 OK 299 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:30 GMT
ETag: "2b5-5e17a09d4eb4e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 299
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6
95.141.34.210 200 OK 3.9 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 1772cbbd640ea9efce7b554623e8e193
ae022fea0d7a3ff5a9bd667c0d50f2ceb1db707d
3d9bced0e827ce09201dab158cbfa4a8e192e249963b74c6fd7d220db6a21d58
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Fri, 01 Feb 2019 08:23:55 GMT
ETag: "52a1-580d0dd2b8564-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3884
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
95.141.34.210 200 OK 1.2 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:01:54 GMT
ETag: "105a-5b35c89d514ca-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1156
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1613033116
95.141.34.210 200 OK 4.7 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1613033116
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (20627), with no line terminators
Hash cca00de9c2b2ac6dec93f2d3b495b67f
d5fd71be0a871978f9ad1d89b09ea8e9f38a7651
f5a18a93508fad83de50e8cf70fd4eaac166c764f156b7d7124ca7a11f244ed9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=1613033116 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:31:00 GMT
ETag: "5093-5e7b01078d0c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4700
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
95.141.34.210 200 OK 12 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:33 GMT
ETag: "15b64-5e7b02459e5f4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11681
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
95.141.34.210 200 OK 972 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:38:04 GMT
ETag: "aab-5e7b029c490a2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
95.141.34.210 200 OK 13 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash b519a21e842ed2a5ef25dd4e672f2b07
6ef5ae70007332f52e98a2b6075e019f663cf45e
ce51ceb46e7bc646f8212ed1f8a0089f5e3abc5236d0e323749e575b41ad27f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:18:25 GMT
ETag: "ea95-5b35cc4ee0c94-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 12635
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
95.141.34.210 200 OK 2.6 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Wed, 15 Sep 2021 09:29:49 GMT
ETag: "2bf8-5cc0556f1b175-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2592
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/style.css?ver=6.0.2
95.141.34.210 200 OK 357 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/style.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 0408c3beabed3e13df770ca252eb0e56
cb53997d0ecfc4c8b6dd58ea62eb1fdb0e5761ac
30df913632f84b635b02daef5adddfb47008f645dd85f3b3db6dbf70ad8e5c6e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/style.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:28 GMT
ETag: "220-5b35c9693c6d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 357
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/font-awesome/css/font-awesome.min.css?ver=6.0.2
95.141.34.210 200 OK 7.1 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/font-awesome/css/font-awesome.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/themes/stockholm/framework/modules/icons/font-awesome/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "7918-5b35c9690c933-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7053
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/linear-icons/style.min.css?ver=6.0.2
95.141.34.210 200 OK 1.6 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/linear-icons/style.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (7935), with no line terminators
Hash 9d06fa63c6b3230d31dd789ebcd570c1
a0765916ee27f0592e0ddc90d0bd82ad45d54874
978313c2875a37e509be720673c174c7fceb6216d5a773e8323a3e8b884c0818
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/framework/modules/icons/linear-icons/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "1eff-5b35c96907b13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1591
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/elegant-icons/style.min.css?ver=6.0.2
95.141.34.210 200 OK 4.2 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/elegant-icons/style.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (21769), with no line terminators
Hash f3a17950a8e7faa7352af4b55d655c4b
492ddab7dfd9e14e7334d92ecedafc5c1940a2cc
d645008ee7f2e849c441b8de7e09a40ec0585095fe201dc87b29408ae1593cac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/framework/modules/icons/elegant-icons/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "5509-5b35c96903c93-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4166
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/linea-icons/style.min.css?ver=6.0.2
95.141.34.210 200 OK 8.5 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/linea-icons/style.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (369)
Hash ca607cc91c5ae75052789fa1acaf55ab
672a06dd342416c388eccb7a28f71e237b2a3b56
6617f5a5b5907576bd905ce6538f17c4fcad83eaed849f5cec95a76f5bd98483
GET /wp-content/themes/stockholm/framework/modules/icons/linea-icons/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:28 GMT
ETag: "13100-5b35c9691a3f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 8452
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/ion-icons/style.min.css?ver=6.0.2
95.141.34.210 200 OK 8.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/ion-icons/style.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type Unicode text, UTF-8 text, with very long lines (52257)
Hash ae4e8380bd393f766710ad6e97af3b49
0f6febe614b838f34410ac641e87429ea9a24da7
73cba75c2bcba392bfd692c38d2bd0bb9170f7999c454d26057b85d182515112
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/framework/modules/icons/ion-icons/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "cdff-5b35c968ffe13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 8361
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/css/style_dynamic.css?ver=1604586168
95.141.34.210 200 OK 5.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/css/style_dynamic.css?ver=1604586168
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (1297)
Hash 0d87019ea0d0ddddcb79f72108de9048
d1fe3184a9df6eace125423c6f5da75bbbfa6143
4f516a763fcb2902f68eaea27c98f1893347df609e0c00f3e0ac88e1b9775f04
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/css/style_dynamic.css?ver=1604586168 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:22:48 GMT
ETag: "81d2-5b35cd49abe9f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5413
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/css/style_dynamic_responsive.css?ver=1604586168
95.141.34.210 200 OK 194 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/css/style_dynamic_responsive.css?ver=1604586168
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 7acf723933bf0a5438960410855b2d53
903e37fec0a97c14dac87dc9a1e72b9cebf8dd3e
17b0a6f21036b622d1742ff14479304f2c265ce79f02e5e69afd12a5afda4559
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/css/style_dynamic_responsive.css?ver=1604586168 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:22:48 GMT
ETag: "226-5b35cd49abe9f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 194
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/css/vertical_responsive.min.css?ver=6.0.2
95.141.34.210 200 OK 3.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/css/vertical_responsive.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (26225), with no line terminators
Hash 4c47cdca528b78c14a213cb2d0d8712e
4622961edc3329b5d6787493208b6aceb2b9a401
9300a840c36d18141d08031baa2b67bcc94d88c760a73423bc1c92f456aa4489
GET /wp-content/themes/stockholm/css/vertical_responsive.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:28 GMT
ETag: "6671-5b35c9694d073-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3371
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/css/responsive.min.css?ver=6.0.2
95.141.34.210 200 OK 10 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/css/responsive.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cae66d168d4dbe93babb0e30d204a9a
19cb9f37047b1ce985916e95df20874f2083e38d
451ecea43dd4760afb1bf8e697148f6d1a2a50282101a68cb9939d9c591a52f2
GET /wp-content/themes/stockholm/css/responsive.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:28 GMT
ETag: "137bb-5b35c969637d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10104
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm-child/style.css?ver=6.0.2
95.141.34.210 200 OK 184 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm-child/style.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with CR line terminators
Hash 9a7712aee7446e9b97680c534091a976
fda34a021121fc90a9573184eb17db396a65a742
86c7f849bdc04125f2b249792755ddf35582b7fe04a509c0de337fa5e14a250c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm-child/style.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Fri, 01 Feb 2019 08:37:42 GMT
ETag: "109-580d10e78db70-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 184
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
95.141.34.210 200 OK 4.2 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Wed, 15 Sep 2021 09:29:49 GMT
ETag: "2bd8-5cc0556f10594-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662118274
95.141.34.210 200 OK 4.3 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662118274
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type Unicode text, UTF-8 text, with very long lines (26316), with no line terminators
Hash 16f6b0d854b5336e8a618be364c62422
e607403fc6d59f09dc35da1fb3c19c29f248c7e0
9a3e445ebe914ea574ae45ef6bd659449147910549bd7ab40986846730fe8a63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662118274 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:31:14 GMT
ETag: "66d0-5e7b011597cc3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4312
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/css/stylesheet.min.css?ver=6.0.2
95.141.34.210 200 OK 63 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/css/stylesheet.min.css?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (65536), with no line terminators
Hash f3b1fbbd05154f9dc6f0db380dbe177b
b4a3906347a56bf621d2536ba60f710cef5902f3
3b62acea51bf4a22221100b98277d5efec0189cdd4dee2c29b4e0aeab7cf2d71
GET /wp-content/themes/stockholm/css/stylesheet.min.css?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:28 GMT
ETag: "7496e-5b35c969637d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 62602
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.1
95.141.34.210 200 OK 46 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (65358)
Hash 2fe906250b403a8535d316cdf1e8a808
7b84d27dd294fe145beec5801fc2d8d5a00d611b
655f96cc6f8ea662c046fd64382639c7a9b5c9a936645beb200653b4880e51e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:18:36 GMT
ETag: "76828-5b35cc592d815-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 45790
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6
95.141.34.210 200 OK 3.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash 40168b46aaee868241d021cd042235dc
f11524f28087e903c5a21facf4a335de1de4ae15
abb80664a5e03871c9b6e813b83a14b97469070bc6706f91f04e6dcb0c316dff
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 01 Feb 2019 08:23:55 GMT
ETag: "5d17-580d0dd2aba45-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3396
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
95.141.34.210 200 OK 31 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:33 GMT
Server: Apache
Last-Modified: Wed, 15 Sep 2021 09:29:49 GMT
ETag: "15db1-5cc0556f0f5f4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 30908
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1613033116
95.141.34.210 200 OK 14 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1613033116
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (55160), with no line terminators
Hash ad8ea494d947cb06338461d9b441b52e
0f118c9966d01c2414e0e97bebe1c9be8f79c78c
86c5d874e76ed27619727c9494b200868e856802ab8628f47cc615daf3831244
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1613033116 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:31:00 GMT
ETag: "d778-5e7b010783487-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 14255
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rosaroll70.it/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
95.141.34.210 200 OK 45 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 093bc5236e1d2dac0687190591816376
a00cc34c822166c88d68744f65fb4274ab5509da
821f75e48e46128443a39eb58aba687be440465b600424fa3bf5fb2cffe166ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:18:25 GMT
ETag: "1d25a-5b35cc4eded54-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 45119
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
95.141.34.210 200 OK 40 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (32006)
Hash 6f66844d190c1ce88980c73d23de1905
b21fec004cdfc8dc64e4a462876cc8914742de46
9d135b7d3b48668fb2b6d304dd6b20c5f5bec72f8f4448851222166d7bb1db8a
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 01 Feb 2019 08:23:55 GMT
ETag: "1cb35-580d0dd2aba45-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 39570
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6
95.141.34.210 200 OK 44 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (65335)
Hash ba9011d4c2b342e26e02663177ae81f1
1058560c83f7297d573979d90846ad1413e70874
093fc98819b7da9027cf7b9a64968133ec210a7a18530440b42398fa5bd1128d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 01 Feb 2019 08:23:55 GMT
ETag: "1c783-580d0dd2aba45-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 44077
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/hammer.min.js?ver=1
95.141.34.210 200 OK 7.3 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/hammer.min.js?ver=1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (20581)
Hash ebdad270152d2d464786a3133986c0fe
6de846adb1f17cc28081a7924259afb32fb795cd
5e902baedd41f7cce98e52af77bec53bd32431f2ac56008b07b3f2451e9ae791
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/hammer.min.js?ver=1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "511d-5b35c9685dc53-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7345
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/virtual-scroll.min.js?ver=1
95.141.34.210 200 OK 952 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/virtual-scroll.min.js?ver=1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (712)
Hash ab984f139534e997009319da14bd5a94
d7ee2b22b7d23aa416ee0b11ec748857a19f5538
2ed076277040d256c6dd977dbce2fac9645a09f2e580c7c8036632ba6a16536b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/virtual-scroll.min.js?ver=1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "ca9-5b35c96859dd3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 952
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
95.141.34.210 200 OK 5.0 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "48b9-5e7b0243d45c8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5009
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
95.141.34.210 200 OK 3.9 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 7ef755c2700783f9eae63fc539149a18
e57c0c5ceb5e2fbf1aaad44aad6319f8b26b69a1
95c808afbeaf569865125c132b69df4a68bca03fd6b792d38ef9a0e341dbf06b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:38:04 GMT
ETag: "2fb3-5e7b029c38701-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3934
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
95.141.34.210 200 OK 2.8 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (8632)
Hash 7bcfa023b68185f1132007d26b67e1b3
fd1d088ca40a4b406112f9d6eea7cc0bbb410b4f
7f8109a56d16b8f85ae19378061fc73601df57f32f36e0d5f4ec5211a8f67f2b
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "226e-5e7b0243d0748-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2756
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
95.141.34.210 200 OK 84 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (64268)
Hash 832e7ee9644c8e7cdb5d9add8be524f3
127ddec0392e3876cd6b08a6f2a72bf0a6c07300
322186ed7a97a958e5b3d64eaff2a2c3b955b760e9da0b7e44d305b4cf2f9f9e
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:18:25 GMT
ETag: "4fd58-5b35cc4eded54-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
95.141.34.210 200 OK 11 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (36560)
Hash 01c8b2443d039a1bfcd1636ba1a4ed1e
aa8f6ae060067210f9172204c244e48d925fd7c0
3ead9dd682f597ca6ad784b9c990ee20c6524b267ef54d4bd232ad5eb733a7d5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "8f87-5e7b0243cd868-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10897
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
95.141.34.210 200 OK 6.5 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (15439)
Hash 0748a982f068af9766c253cb21601ff2
9994f710f5450ee963f9714f715c6c9dbd64d417
2caf6897d004cd4727e5ab8b9992bb08d96b6ac38917142d1c2a49f74e1e4114
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "43b3-5e7b0243cb928-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6502
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1
95.141.34.210 200 OK 426 B URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (521)
Hash e4a106057a0b976ecd21b85f798e5f29
d7c39813fb3f502788f957bbdee643663d76785d
87e712163425a80a812ed9541d5ae0e90e3cde009d5141e128b6b6b7d1454e56
GET /wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "2c3-5e7b0243cb928-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 426
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
95.141.34.210 200 OK 531 B URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (715)
Hash 1ea7bcbb40b617cbbf38b615434133e0
7433990d960000293aaf5a7fa53cd3dde93ee802
8a983f24fd8856665fd5bdfc272d3a7129e605ab1ee862fe8a138b69ca015033
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "385-5e7b0243c99e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 531
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
95.141.34.210 200 OK 1.1 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (3233)
Hash cde0ded344e3544e6f19cf117371b265
acb5934c1a00ce841abbe050c815e7b06b702f57
bddcbef59b628af5afedda5a07006341a7af05b6df42e334f0579d8662fd0e7e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "d53-5e7b0243ce808-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1084
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
95.141.34.210 200 OK 3.1 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (10572)
Hash 441a9f4f0e65b720c99ccd7835d5a6f7
9d1e18dffdd3d8cfe4aaef782e02b4b35899cd25
2b161c785b5b6a40802db7808810b8805f163f471d44f275f053b09636c3f851
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "29ff-5e7b0243c6b07-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3125
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
95.141.34.210 200 OK 3.9 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (11760)
Hash b3b756ae23b641be60b9eba0ddc7c3d8
99899b4cd589abe27cc9aeea1ecc0266b8775876
1da4297afc5955b4da0d89cc26246ffd4e2f04e5360467b4a12da5dc7edf9f27
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "2ea1-5e7b0243ca987-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3914
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
95.141.34.210 200 OK 6.0 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (16109), with no line terminators
Hash 50f1b56214f7e26856cb386786ef488c
16e4411fc85326e3b97b2cae8ded89c68e978d46
b8ac9041ececad43c28db3f7875fcf3e76d5e01d1d062f33036e561782bc6ce9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "3eed-5e7b0243d16e8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5962
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
95.141.34.210 200 OK 39 kB URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (65266)
Hash 4cdaad83ca56a59ee7352b981c2f6db5
4cba1a66bde2345f35c94cacc40749e7aaa30d79
e1aab11a4a9f355af8664139d9151aaf59a6a7d58791aeceda7e611eb049b215
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 15 Sep 2021 09:29:49 GMT
ETag: "267aa-5cc0556f1a1d5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 38657
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/doubletaptogo.js?ver=6.0.2
95.141.34.210 200 OK 423 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/doubletaptogo.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (628)
Hash 46006e0d6ffd0e0e4961c9b976836a1d
6848109bc1d5d427a82017b83d388eb83253ca95
9ab4b0e5984d2c11ae2f5812db11827535dee280d4879bc63d36a08df06277b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/doubletaptogo.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "2b6-5b35c96859dd3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 423
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
95.141.34.210 200 OK 475 B URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash c7aa8936938be0b65781455878aa2085
0066e0c5ed75b3ccd5bb01db5f373d995c217a29
a764eb4204428f671190ad2bc84bcbd86cd9a6bfd05a7ded46bceb651503c508
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:13:05 GMT
ETag: "38a-5bffa3deaea0b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 475
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/modernizr.min.js?ver=6.0.2
95.141.34.210 200 OK 6.2 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/modernizr.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type HTML document, ASCII text, with very long lines (14756)
Hash 23d17506fcd0142b17b49b2d48d7a996
43a43823d7ecc4632017a62e74d85cff363fbcd0
ed7a101106d15b0e6a2ad3208a0cf6086cb603c49a92e8dbb3efc5c81f48251b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/modernizr.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "3c35-5b35c9685ccb3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6244
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.appear.js?ver=6.0.2
95.141.34.210 200 OK 828 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.appear.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (1537)
Hash 2626dbebbc58738dd50e5ea2e1038a49
454a1a99bbc5773aac1b1804b6e076f2e3b74810
e1e9fe22830f868916035aa92597171078463ccd803d12479c621766f6d9755f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.appear.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "717-5b35c9685ad73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 828
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-includes/js/hoverIntent.min.js?ver=1.10.2
95.141.34.210 200 OK 706 B URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (1464)
Hash e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "5db-5e7b0243d74a8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 706
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/absoluteCounter.min.js?ver=6.0.2
95.141.34.210 200 OK 622 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/absoluteCounter.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (1238)
Hash a4be623330e6ee1e6f9b1794e1651a73
6f045cc51227c04f31c8aba0f4faa0674d74d88a
58a30965678203ca1a266252507cb2df86434eba7de651f804da736ed5bfc8aa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/absoluteCounter.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "4e4-5b35c9685ad73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 622
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/easypiechart.js?ver=6.0.2
95.141.34.210 200 OK 1.6 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/easypiechart.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (3968)
Hash e0f8708c4a071561d98e4ba63606abf5
499a30581f58c41b4ec827726d0dc33ae44f9984
61aef479e9156b89918e838c20ca63468bfa204276d6739645fd1476297e0132
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/easypiechart.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "11b6-5b35c9685dc53-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1623
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.mixitup.min.js?ver=6.0.2
95.141.34.210 200 OK 4.6 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.mixitup.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (15502)
Hash 28b0f4657c83ab927d36217f594ace21
e72927b42d999a4ee569eb08b0586af443c3e8ab
6b8a2934920fba9d4c5609733d7958334a870641f35473ca9678651af6122081
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.mixitup.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "3e48-5b35c9685ebf3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4611
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.nicescroll.min.js?ver=6.0.2
95.141.34.210 200 OK 16 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.nicescroll.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (595)
Hash 911f72edf7ae719abb06f7346830e495
ac233eb3c663eb9d8e2a91c1578663a172f6c8c9
299d3a41ed585e656c7dd7cb2cac7e35f2c675cf39bfdf7a08c6b2a50efe960c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.nicescroll.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "de2e-5b35c9685ccb3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 15831
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.prettyPhoto.js?ver=6.0.2
95.141.34.210 200 OK 6.0 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.prettyPhoto.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type HTML document, ASCII text, with very long lines (21974)
Hash b1251684aeb19d19c5fed2bd252f869e
66dd7dc4b6fe37abe83437d96099b7df329ac75c
42d11a10731b0c5cd3f30ab5abc16eab32251299b22675de6473277f9e98a9dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.prettyPhoto.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "56f1-5b35c9685bd13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6025
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.fitvids.js?ver=6.0.2
95.141.34.210 200 OK 1.2 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.fitvids.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type HTML document, ASCII text, with very long lines (3598)
Hash 126cfb1e5757bfadbb7e46e8983ff8ab
44eb9a0a290f3a4a5d1ec68ebce401393039c94b
44397b4baae55d6b566d09d3c7d2eb07b79b8a6f1884441cf3d4c965b00ce791
GET /wp-content/themes/stockholm/js/plugins/jquery.fitvids.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "f52-5b35c9685ccb3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1201
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.4.1
95.141.34.210 200 OK 6.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.4.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (21539)
Hash 1c969c52ccf9227b2ddd77ea494e4872
e37ce39196b3a5f178f46b9bce12d1d7abca806d
573650442e92a2c306194e7ac322709d1e0c1f60ad73705b6f009fc553eb58ef
GET /wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.4.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:18:36 GMT
ETag: "5561-5b35cc589b055-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6396
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/infinitescroll.js?ver=6.0.2
95.141.34.210 200 OK 7.0 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/infinitescroll.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (25581)
Hash 02d77dc4a9037edd774f11b4ab88e63b
5fd633185736636344fd5010ae90e0e3338fc405
8c7cbf9895a89f2956805dedc86e7577c77ec82d9b4b4d0c18d87651547b9873
GET /wp-content/themes/stockholm/js/plugins/infinitescroll.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "64db-5b35c9685ebf3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7015
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/waypoints.min.js?ver=6.0.2
95.141.34.210 200 OK 2.6 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/waypoints.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (7828)
Hash b08a10ff518ebd0a8e5132a10b54c1fe
56105f462177224834625760000840e9ebf27c07
2514236f606436c0a9c12616d717d576260cc97319eab9f60c321623b4265636
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/waypoints.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "1f4e-5b35c96859dd3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2571
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jplayer.min.js?ver=6.0.2
95.141.34.210 200 OK 10 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jplayer.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (593)
Hash 0ce15a0576bbf3ae1cd63d5a3041ec90
fb21f35d898b9c01d6be241d631f16823f31f6d6
cd6c8d7b4d2e8244db02ad718140eaed34b21a20013027056a65d00ba240c41a
GET /wp-content/themes/stockholm/js/plugins/jplayer.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "a768-5b35c96859dd3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10337
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/bootstrap.carousel.js?ver=6.0.2
95.141.34.210 200 OK 2.5 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/bootstrap.carousel.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash ca1e33562fe317e5b07e29cd06797d84
da679ec01e84ce9d168fddfe73c5e584d61fcd03
e156aa774638c1c7d27328515be8e09038fbed3b7d9c24a224780b6fdbe55772
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/bootstrap.carousel.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "1f6f-5b35c9685ad73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2518
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/skrollr.js?ver=6.0.2
95.141.34.210 200 OK 6.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/skrollr.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (21650)
Hash 798e9ae8e0aed07cf5ae2ddbc7f0b37f
a24356c8a3150786e58b450182f91201cb6a1cac
2872f7f6b81a9fbb8e893fdfca8affbcfe9bdce93187941d44436c3196ec823c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/skrollr.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "5518-5b35c9685dc53-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6376
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/Chart.min.js?ver=6.0.2
95.141.34.210 200 OK 5.5 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/Chart.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (32184)
Hash deb411f27a476a3cff98139dbe1aa8a4
344536a4af4648b94a718c5fdb1b1813ad62ed55
f0de8440adee89b40ea3b109813642ee345c33aa453b37c90b6a895ef7120323
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/Chart.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "7e63-5b35c9685bd13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5533
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.easing.1.3.js?ver=6.0.2
95.141.34.210 200 OK 1.8 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.easing.1.3.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type Unicode text, UTF-8 text, with very long lines (3561)
Hash 6c7ce7cbe50bd5e617ea187962654c78
e6a4f57fd602932d4c0df27ee166eaeea52fa373
942f785a237e3c94cd4c4a549304f16517b3063717d713e7b68c130c588bf0bd
GET /wp-content/themes/stockholm/js/plugins/jquery.easing.1.3.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "14f7-5b35c9685ccb3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1778
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.plugin.min.js?ver=6.0.2
95.141.34.210 200 OK 1.3 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.plugin.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (2986)
Hash 97294f39ba60b000305918fea0c64858
9a020c94de1c77cfe2782d46156d43321928cb0c
424b3c372aa7b521987311c7aafbb4e6919ef13635f592b094dcdef8a53d057e
GET /wp-content/themes/stockholm/js/plugins/jquery.plugin.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "c6a-5b35c9685bd13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1341
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.countdown.min.js?ver=6.0.2
95.141.34.210 200 OK 4.6 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.countdown.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (13714)
Hash 04177d10b75c5ebbf98417960f590b1d
8ab080313d51c063d900171e084ddb00cff78636
462279fe7b8ba20125da026c5c9f8addc48fc45c3cc77ccfa16789ce6dca91bf
GET /wp-content/themes/stockholm/js/plugins/jquery.countdown.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "368e-5b35c9685ad73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4583
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.justifiedGallery.min.js?ver=6.0.2
95.141.34.210 200 OK 4.8 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.justifiedGallery.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (17668)
Hash da7d569a040aae1b84bd95f987e8d997
a4bdc3aafecd5b03633ac17e12ffc20015e2f4ac
d99c281acab5205c90c5308df7259431dac60e3b9736b452c8207c8334338e64
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.justifiedGallery.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "45a3-5b35c9685bd13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4804
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/owl.carousel.min.js?ver=6.0.2
95.141.34.210 200 OK 11 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/owl.carousel.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (40403)
Hash 7575ea92b73ac84aa55be99d42bb4eaa
13a52e5cae4f95f4a2ce629965e4ba6c5d0f2868
a72f9044a1766965f26c10a82ee4ffba33ebfa3c4fb71ac5d23a468031249fb5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/owl.carousel.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "9e40-5b35c9685ebf3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10599
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/lemmon-slider.js?ver=6.0.2
95.141.34.210 200 OK 2.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/lemmon-slider.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 41df26c46f11af8a5b9936c490e49f24
eb54ff0f59862a30b99ae30f143bc5f1ee476a77
dbb93d40682c62af88b88a01a4029b13c573c69630e5400b5685ee5c18b16b85
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/lemmon-slider.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "3344-5b35c9685bd13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2350
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.carouFredSel-6.2.1.js?ver=6.0.2
95.141.34.210 200 OK 19 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.carouFredSel-6.2.1.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 5e31396bc4e557be82fb402cdf8fb05d
61d2261b9dce2ad9a4a0d085721ee49bb72b5853
87d253f69897247052878bf6b7b1845591aa04725c07b0aaf1a30d7ab95c390d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.carouFredSel-6.2.1.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "163cc-5b35c9685ad73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 18559
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.fullPage.min.js?ver=6.0.2
95.141.34.210 200 OK 7.2 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.fullPage.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (550)
Hash c85d49f0216e7d67f17d94dc473e59d9
03460f006a9a1c5a6f4c62013d510e2a6f5a52fd
c8d05765dfa8af10abca15eb64ab5e2e26f8c1a3930595e9102769ea70763158
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.fullPage.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "5c7f-5b35c9685dc53-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7178
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.mousewheel.min.js?ver=6.0.2
95.141.34.210 200 OK 716 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.mousewheel.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (1020)
Hash 1bb069d9e3a8d110eaf5319b82b26e9b
25921fb49b922ecc44a40550587df5ace5e9a9a9
6975d1b270a0cbbcd4f0a652d6b32bce9eb2344944e1ccde88e5588bf51e71d4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.mousewheel.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "570-5b35c9685bd13-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 716
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.1
95.141.34.210 200 OK 10 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (32004)
Hash 0ffe60bf5290a017690aba61438cc811
bc5e291135a49e69b4c74fbf65b36c91f8ee3a72
d96faa744efa6a4aa4510130a29505cddfc3409680a8b33888292fd23c403727
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:18:36 GMT
ETag: "8b8a-5b35cc58942f5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 9977
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.parallax-scroll.js?ver=6.0.2
95.141.34.210 200 OK 2.0 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/jquery.parallax-scroll.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 4bea0328db878dfe4cfd1b9b2ab11c93
c055555cba034baded0d5aaf696770b81b916c65
0dd45fa1793fe28f5793486dde4a5e430586999dafddfb602a7cf0a0d3ce1934
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/jquery.parallax-scroll.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "23b7-5b35c9685dc53-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1962
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/js/default_dynamic.js?ver=1604586168
95.141.34.210 200 OK 1.6 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/default_dynamic.js?ver=1604586168
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash ff8a835dfbdba04fa972f695eb8731eb
feff4ca42a512e5b7ed8aa3e3b72227ea8e7dda5
3fbf76e5d4345f48cf676462bb937a947644170ec91378b0994169ce8851a164
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/default_dynamic.js?ver=1604586168 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:22:48 GMT
ETag: "102e-5b35cd49ace3f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1568
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rosaroll70.it/wp-content/themes/stockholm/js/default.min.js?ver=6.0.2
95.141.34.210 200 OK 27 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/default.min.js?ver=6.0.2
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type ASCII text, with very long lines (31992)
Hash 2a8ea0e4356454ee2e88651b688f4a61
dae4b67ab701d536399a49b897cbf33f60887a15
0427afc03a27ad667553c5de696e72ce55e9b7a92a9a572549dfb73b8dc2028b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/default.min.js?ver=6.0.2 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "22a5c-5b35c96850193-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 27083
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.rosaroll70.it/wp-content/themes/stockholm/style.css
95.141.34.210 200 OK 357 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/style.css
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 0408c3beabed3e13df770ca252eb0e56
cb53997d0ecfc4c8b6dd58ea62eb1fdb0e5761ac
30df913632f84b635b02daef5adddfb47008f645dd85f3b3db6dbf70ad8e5c6e
GET /wp-content/themes/stockholm/style.css HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/wp-content/themes/stockholm-child/style.css?ver=6.0.2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:28 GMT
ETag: "220-5b35c9693c6d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 357
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/css
www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/qode-like.js?ver=1.0
95.141.34.210 200 OK 414 B URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/js/plugins/qode-like.js?ver=1.0
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash 3e19a6b6b2c9a41f2d15e17a0281fff7
e5decc5120f5aea1ad2f4ebcebafcec07fbcf3d2
f92bb6a58727d3bcd4f541fe8083f17b30f826a6dbf71427fca4e32395c9df3b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/js/plugins/qode-like.js?ver=1.0 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "31b-5b35c9685dc53-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 414
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rosaroll70.it/wp-content/uploads/2019/03/sh.png
95.141.34.210 200 OK 35 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/03/sh.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 150 x 220, 8-bit colormap, non-interlaced\012- data
Hash c4ae473bf273d74628dcd4ace0aa9982
5aa36e568327921fdedfa21880cad09438099d11
3485f99dd09a6fe31802a1a7bdca8fd0a7438a22d55abd94fa3b7983ba4d0f3c
GET /wp-content/uploads/2019/03/sh.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:32:07 GMT
ETag: "88fc-5984efe7b6e45"
Accept-Ranges: bytes
Content-Length: 35068
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.46 200 OK 27 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.46:0
Hash bc13ab03de364b5404477ac046180f96
1f1f89b06edc325c6609bb403595550fb820d2fa
ca21fc5457da056a09413dfb4dedf470f1738cdd4f7ba58c5febe5e87db281f9
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 21:49:34 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+097; expires=Fri, 20-Sep-2024 21:49:34 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rosaroll70.it/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
95.141.34.210 200 OK 46 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:38:04 GMT
ETag: "25d0-5e7b029c413a2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2914
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2
142.250.74.163 200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 27624, version 1.0\012- data
Hash 1f72af2c5d07489f5ac244943db9d7eb
49aa6096e9b9b9d4949a79794a72cb31b744d0de
02fbcf6cd136ae3bfc98aecbbc0f0b1f348c05d96390d63a89cdc323a6dda70c
GET /s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosaroll70.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27624
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 22:03:28 GMT
expires: Sat, 16 Sep 2023 22:03:28 GMT
cache-control: public, max-age=31536000
age: 431166
last-modified: Mon, 11 Jul 2022 19:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rosaroll70.it/wp-content/uploads/2017/07/2.jpg
95.141.34.210 200 OK 586 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2017/07/2.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=13, height=3465, bps=170, PhotometricIntepretation=RGB, model=\001, orientation=upper-left, width=5202], progressive, precision 8, 1660x1078, components 3\012- data
Size 586 kB (585810 bytes)
Hash 2bd51dfed6e3e402bd37c68dfc475417
fe8dec31f8bdbc71c3e0509697067fa2906e135f
c1252e0b8e96e898ae1007dd0b5094074a0b554a1ba22ac4176319113fcda6a9
GET /wp-content/uploads/2017/07/2.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:34:00 GMT
ETag: "8f052-5984f052cee8a"
Accept-Ranges: bytes
Content-Length: 585810
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2017/07/1.jpg
95.141.34.210 200 OK 743 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2017/07/1.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1440, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2793], progressive, precision 8, 1660x1078, components 3\012- data
Size 743 kB (742917 bytes)
Hash 7548eda974246a709a4b8774a9b114ec
6a0d944966702909c908cd824434122c4bc44155
414344e65b28e37f2666a525e73cc17200ec2353cc2489cca97530767e0ff40d
GET /wp-content/uploads/2017/07/1.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:34:07 GMT
ETag: "b5605-5984f0596d3ea"
Accept-Ranges: bytes
Content-Length: 742917
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 21:28:41 GMT
expires: Wed, 21 Sep 2022 22:28:41 GMT
cache-control: public, max-age=3600
age: 1253
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/elegant-icons/fonts/ElegantIcons.woff
95.141.34.210 200 OK 64 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/elegant-icons/fonts/ElegantIcons.woff
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/framework/modules/icons/elegant-icons/fonts/ElegantIcons.woff HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/elegant-icons/style.min.css?ver=6.0.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "f8b0-5b35c96902cf3"
Accept-Ranges: bytes
Content-Length: 63664
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/font-woff
www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
95.141.34.210 200 OK 77 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/stockholm/framework/modules/icons/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.rosaroll70.it/wp-content/themes/stockholm/framework/modules/icons/font-awesome/css/font-awesome.min.css?ver=6.0.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:05:27 GMT
ETag: "12d68-5b35c9690a9f3"
Accept-Ranges: bytes
Content-Length: 77160
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
www.rosaroll70.it/wp-content/uploads/2017/07/3.jpg
95.141.34.210 200 OK 724 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2017/07/3.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1660x1078, components 3\012- data
Size 724 kB (724510 bytes)
Hash 8757d160a39ff962e76e851afebabb84
a9b7cdd02e624b508cb94da58039d14ce8804c3a
f76fab0b1a91d8529efac0ae177bb87683f03b2a8618f8f02619f0c5a75a5f2e
GET /wp-content/uploads/2017/07/3.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:33:52 GMT
ETag: "b0e1e-5984f04bc42ca"
Accept-Ranges: bytes
Content-Length: 724510
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/zh-CN.png
95.141.34.210 200 OK 793 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/zh-CN.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ac0702e57d9c4d0f9265699372c00a5
6b15b2e03cb864441b87ba1645a0e11ab16ca4c5
a68398db898eac3c4e447f86a8a2c887ba067b840db31d36723987a0b0e98d99
GET /wp-content/plugins/gtranslate/flags/24/zh-CN.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "319-5e17a09c7aca9"
Accept-Ranges: bytes
Content-Length: 793
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/nl.png
95.141.34.210 200 OK 469 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/nl.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 213b7e930b8a41dcf4c9f95ac76dbe6b
eccf14152b6ba26fe8a7d02f79586992be40db20
5d75fea10bb270c341503bda4357e90bb069e3e46c7a670a3583f924f3524bd3
GET /wp-content/plugins/gtranslate/flags/24/nl.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "1d5-5e17a09c76e29"
Accept-Ranges: bytes
Content-Length: 469
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/en.png
95.141.34.210 200 OK 1.8 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/en.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
GET /wp-content/plugins/gtranslate/flags/24/en.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "6e7-5e17a09c76e29"
Accept-Ranges: bytes
Content-Length: 1767
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/fr.png
95.141.34.210 200 OK 637 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/fr.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 930f08c6829077e96cf25d58f26bd6d3
0dfa244548435053bbebd2ed5914e2785f0f3dc3
594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8
GET /wp-content/plugins/gtranslate/flags/24/fr.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "27d-5e17a09c75e89"
Accept-Ranges: bytes
Content-Length: 637
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/it.png
95.141.34.210 200 OK 642 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/it.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 922efc02f080135a63137dde4ffea287
a4583be3e579a69a03a0d1f09995fdb6d1244f7d
510116996dc4979a225c07962d84bb76e2b6340234c2c5e4280596ad08a632cb
GET /wp-content/plugins/gtranslate/flags/24/it.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "282-5e17a09c72fa9"
Accept-Ranges: bytes
Content-Length: 642
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/pt.png
95.141.34.210 200 OK 1.1 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/pt.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash bb3cb490b63a8f51283c686b916cf4ff
f325c9d27acb1d3e03a3481eb2c240368ae8460f
f06d3def1549dd1b0a108ddc645d2e8906fb631e5812df19cdcbd887f3700bd8
GET /wp-content/plugins/gtranslate/flags/24/pt.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "434-5e17a09c83949"
Accept-Ranges: bytes
Content-Length: 1076
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/ru.png
95.141.34.210 200 OK 487 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/ru.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ddf50d1327e2ecc28a980e93b9f538a
581fa9ecc609a1a07fca205b6c9751e8c28f1ebb
1bdc7040f02e999a17f291b59767d4101adefa2d89775272ac7c66f37c710fff
GET /wp-content/plugins/gtranslate/flags/24/ru.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "1e7-5e17a09c7aca9"
Accept-Ranges: bytes
Content-Length: 487
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/es.png
95.141.34.210 200 OK 873 B URL HTTP/1.1 www.rosaroll70.it/wp-content/plugins/gtranslate/flags/24/es.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bf31a924501d6db655fe75696b5f046
94ba0f8d4db0c35c1246a55fcbd6e0ef3cd7f0e2
5ae9561f31199bf8a892f797a69db1bc5d477e2f8318f2b7e95487f025f66f28
GET /wp-content/plugins/gtranslate/flags/24/es.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 10:32:29 GMT
ETag: "369-5e17a09c81a09"
Accept-Ranges: bytes
Content-Length: 873
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/uploads/2019/02/P9040003.jpg
95.141.34.210 200 OK 6.5 MB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040003.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description=OLYMPUS DIGITAL CAMERA, manufacturer=OLYMPUS IMAGING CORP., model=E-M1, xresolution=198, yresolution=206, resolutionunit=2, software=Adobe Photoshop Camera Raw 9.12.1 (Macintosh), datetime=2018:09:04 11:22:07], baseline, precision 8, 4608x3456, components 3\012- data
Size 6.5 MB (6492031 bytes)
Hash 30ff2fddf99aa33c59ebc1ad47be4f2c
396a7ee7cb0264f2a6e0bf03f7da04b1d9f7e836
c46efd7a1a1c9621cd5d98f69a76b7783cd266776ec8e5c1ed8b8d19b34e644e
GET /wp-content/uploads/2019/02/P9040003.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:05:28 GMT
ETag: "630f7f-581ca630b759e"
Accept-Ranges: bytes
Content-Length: 6492031
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/6.jpg
95.141.34.210 200 OK 692 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/6.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1183, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1772], progressive, precision 8, 1660x1078, components 3\012- data
Size 692 kB (692452 bytes)
Hash dbb67e20be85a119f2dcff8c0320c951
79aad7767f81ac6b9f276224678ad246cc83e4d0
ad1d2bb9ceb7f493bf464952a4ee3f6990c851eeb41c280e33484ce44338d923
GET /wp-content/uploads/2019/02/6.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:33:30 GMT
ETag: "a90e4-5984f036dd969"
Accept-Ranges: bytes
Content-Length: 692452
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2016/03/Stars.png
95.141.34.210 200 OK 1.5 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2016/03/Stars.png
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type PNG image data, 123 x 24, 4-bit colormap, non-interlaced\012- data
Hash 96a5c264f662554be2a45fad5bd12802
9b3972ebdaf106818ca97485a1c85629bf5247da
9d032d8348a565bb6b9661d03c6baf409e1d586d5e4f7ec0d5d4f85c9f9f7499
GET /wp-content/uploads/2016/03/Stars.png HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Cookie: chatyWidget_0=[{"k":"v-widget","v":"2022-09-21T21:49:35.064Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:35:16 GMT
ETag: "5c5-5984f09b6bc6d"
Accept-Ranges: bytes
Content-Length: 1477
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
www.rosaroll70.it/wp-content/uploads/2019/11/Logo-Rosaroll.jpeg
95.141.34.210 200 OK 42 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/11/Logo-Rosaroll.jpeg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1080x424, components 3\012- data
Hash 26eeaf60ba3a59ef052a59c98bcbb400
cf65200041aaf3fc7b3c8254c1e78eb813ab0489
8062e9d9d4e7a3eecc91d0208cba0a51bbddad01a1e65a32d5bfa06c83535b79
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2019/11/Logo-Rosaroll.jpeg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:31:38 GMT
ETag: "a5db-5984efcb4b804"
Accept-Ranges: bytes
Content-Length: 42459
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-json/contact-form-7/v1/contact-forms/86/feedback/schema
95.141.34.210 200 OK 521 B URL HTTP/1.1 www.rosaroll70.it/wp-json/contact-form-7/v1/contact-forms/86/feedback/schema
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JSON data\012- , ASCII text, with very long lines (521), with no line terminators
Hash 12c9cfff6e17cd6a6ef624c6dca07381
16c1dd70fda814ed1456174b9d9096f4fca6bcc9
2b2d86d2bfc205aaafebb732eeab1be8d6c49eb9e3f9ac12a6dde4d61e433fa7
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/86/feedback/schema HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.rosaroll70.it/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Cache-Control: no-cache
X-Robots-Tag: noindex
Link: <https://www.rosaroll70.it/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin
X-Powered-By: PHP/7.3.27, PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
www.rosaroll70.it/wp-content/uploads/2019/02/P9040101.jpg
95.141.34.210 200 OK 8.2 MB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040101.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description=OLYMPUS DIGITAL CAMERA, manufacturer=OLYMPUS IMAGING CORP., model=E-M1, xresolution=198, yresolution=206, resolutionunit=2, software=Adobe Photoshop Camera Raw 9.12.1 (Macintosh), datetime=2018:09:04 11:23:30], baseline, precision 8, 4608x3456, components 3\012- data
Size 8.2 MB (8159255 bytes)
Hash 008e30a7001b44ae86da54403b96ab89
a8b5a52c393ddd2a077752c3de13c686eea3514f
00caeb3f1eb3dce27742d74d673eebe4b35b46ca1ded97c5045587d3a6ad2842
GET /wp-content/uploads/2019/02/P9040101.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:26:01 GMT
ETag: "7c8017-581caac848eff"
Accept-Ranges: bytes
Content-Length: 8159255
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/P9040078.jpg
95.141.34.210 200 OK 7.3 MB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040078.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description=OLYMPUS DIGITAL CAMERA, manufacturer=OLYMPUS IMAGING CORP., model=E-M1, xresolution=198, yresolution=206, resolutionunit=2, software=Adobe Photoshop Camera Raw 9.12.1 (Macintosh), datetime=2018:09:04 11:23:11], baseline, precision 8, 4608x3456, components 3\012- data
Size 7.3 MB (7293304 bytes)
Hash 89f624629e2ecc94c37446490d22f1fc
10f0a0fc14523f52b8e41b7e66dbd911966d7066
923fbd39682b92362e8f5691f753bed18cb95ad33063f0f96b9dca9c9eaf7dea
GET /wp-content/uploads/2019/02/P9040078.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:21:53 GMT
ETag: "6f4978-581ca9db8fed0"
Accept-Ranges: bytes
Content-Length: 7293304
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/P9040027.jpg
95.141.34.210 200 OK 7.1 MB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040027.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description=OLYMPUS DIGITAL CAMERA, manufacturer=OLYMPUS IMAGING CORP., model=E-M1, xresolution=198, yresolution=206, resolutionunit=2, software=Adobe Photoshop Camera Raw 9.12.1 (Macintosh), datetime=2018:09:04 11:22:31], baseline, precision 8, 4608x3456, components 3\012- data
Size 7.1 MB (7144521 bytes)
Hash e5ecfd4a39cf1370e9ba4052cd7f5053
19f6fcdd04c5a6646132334d341d3c3f113e0e6c
6b1ec9c36d20e29840709fd0c8e10287522ff0d50731c0c2ff446819679b932d
GET /wp-content/uploads/2019/02/P9040027.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:37 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:11:51 GMT
ETag: "6d0449-581ca79dc5a2b"
Accept-Ranges: bytes
Content-Length: 7144521
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/P9040060.jpg
95.141.34.210 200 OK 7.1 MB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040060.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description=OLYMPUS DIGITAL CAMERA, manufacturer=OLYMPUS IMAGING CORP., model=E-M1, xresolution=198, yresolution=206, resolutionunit=2, software=Adobe Photoshop Camera Raw 9.12.1 (Macintosh), datetime=2018:09:04 11:22:57], baseline, precision 8, 4608x3456, components 3\012- data
Size 7.1 MB (7123471 bytes)
Hash c10544081042980fc715941328a20e26
bf83d98e4f16f75a6ce0096ec1d827ed96b76403
20e8cac854c0eb578f1487e69d2f5421f1340243d9c2290ccbe4a4e0aa4a2dec
GET /wp-content/uploads/2019/02/P9040060.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:18:21 GMT
ETag: "6cb20f-581ca911cd065"
Accept-Ranges: bytes
Content-Length: 7123471
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/P9040009.jpg
95.141.34.210 200 OK 6.3 MB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040009.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description=OLYMPUS DIGITAL CAMERA, manufacturer=OLYMPUS IMAGING CORP., model=E-M1, xresolution=198, yresolution=206, resolutionunit=2, software=Adobe Photoshop Camera Raw 9.12.1 (Macintosh), datetime=2018:09:04 11:22:14], baseline, precision 8, 4608x3456, components 3\012- data
Size 6.3 MB (6260817 bytes)
Hash 22d9c9d47caf4a279b594fa4acb776e7
5a9cf3f389ceed35b7fdef5b39513ca393127fa0
a2c73a315f6d3cdab7b6976e963c3826e21de5468af03f79a85ba6c41e848647
GET /wp-content/uploads/2019/02/P9040009.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:35 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:07:21 GMT
ETag: "5f8851-581ca69c89a94"
Accept-Ranges: bytes
Content-Length: 6260817
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/book.jpg
95.141.34.210 200 OK 840 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/book.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=17, height=3456, bps=218, PhotometricIntepretation=RGB, description=OLYMPUS DIGITAL CAMERA, manufacturer=OLYMPUS IMAGING CORP., model=E-M1, orientation=upper-left, width=4608], progressive, precision 8, 1920x1198, components 3\012- data
Size 840 kB (839680 bytes)
Hash 11eae5c47901eb2f2362f0c58abb736d
651c98eab8191ff5f52d8ef118a9ae09487ab0cf
7e6751bea633ccc486f98d6b856fa668e16b1c3d93ae4ae1c12cfe844546b56d
GET /wp-content/uploads/2019/02/book.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:39 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:33:05 GMT
ETag: "cd000-5984f01e8c008"
Accept-Ranges: bytes
Content-Length: 839680
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/5.jpg
95.141.34.210 200 OK 875 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/5.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1440, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1919], progressive, precision 8, 1660x1078, components 3\012- data
Size 875 kB (875336 bytes)
Hash c18df9cf44268cf57bc3f6201ef42e0a
b951cea4a85fa9c044b0de0afa2b3b16f34a59a5
2ec71175d293b16e1ec90ed9d3e99cf83f9cf2d5dc982398c20c7927e4edf6c3
GET /wp-content/uploads/2019/02/5.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:39 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:33:38 GMT
ETag: "d5b48-5984f03dc9129"
Accept-Ranges: bytes
Content-Length: 875336
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/4.jpg
95.141.34.210 200 OK 782 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/4.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1365, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2048], progressive, precision 8, 1617x1050, components 3\012- data
Size 782 kB (781954 bytes)
Hash ebca9c660b69d940d02b24dcd1a8a563
480412024f8849650f9c7f888bd27bc750160cad
63172b648198685c1815ff0d98d9a9832473903875fecf7054b38a48883468f6
GET /wp-content/uploads/2019/02/4.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:39 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2019 07:33:45 GMT
ETag: "bee82-5984f0450c729"
Accept-Ranges: bytes
Content-Length: 781954
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 509dc368-dd1c-4be7-94ff-64dbd53c199f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoqoRG2WIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63268b01-1cb916c251fd5f2f3cf10435;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:05:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vs0CTuiAdjRtfJD9qX9S5R07Hw6BWfiOAT50GwTdiSETdoqr2FNsyw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 04:14:25 GMT
age: 63314
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.rosaroll70.it/wp-content/uploads/2020/11/favicon.jpg
95.141.34.210 200 OK 9.4 kB URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2020/11/favicon.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=424, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 32x32, components 3\012- data
Hash ccfa20ffedd8025d7fce65ca197d90ba
6f6088fa39b0d3bd7c52138dcac396c0693b3df5
2153128476989da1dc203dfd51501ea8b8a423519ffb4301167c5e8564b6a7f8
GET /wp-content/uploads/2020/11/favicon.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Cookie: chatyWidget_0=[{"k":"v-widget","v":"2022-09-21T21:49:35.064Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:39 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2020 14:55:29 GMT
ETag: "2487-5b35d497ced14"
Accept-Ranges: bytes
Content-Length: 9351
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/P9040067.jpg
95.141.34.210 200 OK 0 B URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040067.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
GET /wp-content/uploads/2019/02/P9040067.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:19:36 GMT
ETag: "7e90fa-581ca95940da3"
Accept-Ranges: bytes
Content-Length: 8294650
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/P9040108.jpg
95.141.34.210 200 OK 0 B URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040108.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
GET /wp-content/uploads/2019/02/P9040108.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:38 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:28:00 GMT
ETag: "8101e8-581cab3a09c3e"
Accept-Ranges: bytes
Content-Length: 8454632
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-content/uploads/2019/02/P9040063.jpg
95.141.34.210 200 OK 0 B URL HTTP/1.1 www.rosaroll70.it/wp-content/uploads/2019/02/P9040063.jpg
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
GET /wp-content/uploads/2019/02/P9040063.jpg HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:37 GMT
Server: Apache
Last-Modified: Wed, 13 Feb 2019 18:18:48 GMT
ETag: "746b17-581ca92ba6271"
Accept-Ranges: bytes
Content-Length: 7629591
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
www.rosaroll70.it/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1
95.141.34.210 200 OK 0 B URL HTTP/1.1 www.rosaroll70.it/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1
IP 95.141.34.210:0
ASN #49367 Seflow S.N.C. Di Marco Brame' & C.
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1 HTTP/1.1
Host: www.rosaroll70.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 21:49:34 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 11:36:31 GMT
ETag: "1fd-5e7b0243c8a47-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 342
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Raleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CCrete+Round%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CDomine%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset=latin%2Clatin-ext&ver=1.0.0
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CCrete+Round%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CDomine%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset=latin%2Clatin-ext&ver=1.0.0
IP 142.250.74.10:0
GET /css?family=Raleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CCrete+Round%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CDomine%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset=latin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rosaroll70.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 21:49:34 GMT
date: Wed, 21 Sep 2022 21:49:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2