r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8741
Expires: Sat, 24 Dec 2022 05:32:07 GMT
Date: Sat, 24 Dec 2022 03:06:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19924
Expires: Sat, 24 Dec 2022 08:38:30 GMT
Date: Sat, 24 Dec 2022 03:06:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 02:46:13 GMT
content-type: application/json
age: 1213
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19451
Expires: Sat, 24 Dec 2022 08:30:37 GMT
Date: Sat, 24 Dec 2022 03:06:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xVzUbOlu8xX5s9DL3XLUQQIRP+NKO2nFBvK3kxswGqDMWUB3GjKLT5GHhh9UHTf9NONIx6rZ4ME=
x-amz-request-id: 4Z52VRSZS0KG3P6A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 02:56:26 GMT
age: 600
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 03:06:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sadevafric.com/msin/tuda
66.29.145.237301 Moved Permanently 240 B IP 66.29.145.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 435f3b097f9b35ca9dbd919d2ebc488c
3b4404e42a3233db3244be673948c41f61b272d1
cfcd8e276c2f13e105fdb4e4a50ec87e457fc0a08e9e81707b72f10000431f1a
Analyzer Verdict Alert fortinet Malware
GET /msin/tuda HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Dec 2022 03:06:27 GMT
Server: Apache
Location: https://sadevafric.com/msin/tuda
Content-Length: 240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 02:08:03 GMT
age: 3504
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3196
Cache-Control: max-age=111216
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:27 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 10:00:03 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yD/jCri7cHqiEViA6LHR2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MLkMOs5OgTYO+MxZWjxvJKCJTGM=
sadevafric.com/msin/tuda
66.29.145.237307 Temporary Redirect 0 B IP 66.29.145.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /msin/tuda HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 307 Temporary Redirect
Date: Sat, 24 Dec 2022 03:06:27 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; expires=Sat, 24-Dec-2022 05:06:27 GMT; Max-Age=7200; path=/
ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3; expires=Mon, 26-Dec-2022 03:06:27 GMT; Max-Age=172800; path=/; HttpOnly
Location: https://sadevafric.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
sadevafric.com/
66.29.145.237200 OK 6.2 kB IP 66.29.145.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF, LF line terminators
Hash cb9db9e2df56ac35f3aa484daebd2ae3
d1c0708912bb7db0bad714c05956f41a1ab0cc39
63aac0b30f85e1a9de749028386aef86ae83378e91e26e041936ade6b800a3c6
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; expires=Sat, 24-Dec-2022 05:06:28 GMT; Max-Age=7200; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6177
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.106200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.106:0
Hash 7d3e60ae590f81e96b14a072acd90c29
2f028397082dd517eecf96be8bfece455b7721f7
afdf2ed08e0a733486a94d7f8c29e9e7c6655bdc83dd2f2f2d20720b75edc929
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 03:06:28 GMT
date: Sat, 24 Dec 2022 03:06:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sadevafric.com/assets/css/plugins/bootstrap.min.css
66.29.145.237200 OK 21 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/bootstrap.min.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (65324)
Hash 733571679e9957e2653ecce1c235ae28
71eff8d605c8346f6e413589a8aa69b217e4d923
cbc30aca6e7eb5990a7282fbd4d1b76ed492b31a4c46bb587f4ebd1b48c2fdd4
GET /assets/css/plugins/bootstrap.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21007
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/plugins/font-awesome.min.css
66.29.145.237200 OK 12 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/font-awesome.min.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (54456)
Hash a17b2209512865d8e882880dd8c403e0
35b7d11062831c849a213c6752136e276c56bb56
c29734bf3b21a5ce948cf29d765d596ecf0495c2a61f67d0e3e23a4f815693e2
GET /assets/css/plugins/font-awesome.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11817
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/plugins/swiper.min.css
66.29.145.237200 OK 3.1 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/swiper.min.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (1470)
Hash 5d028d301366f480ddc61b88f7d66dd8
344e33b68472c09ad3c7a38ae11b11e24298a0b3
c29f68dbc0da7d5449d4865a430552efb937b04bd647eabe980332ad75a07e52
GET /assets/css/plugins/swiper.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/plugins/fancybox.min.css
66.29.145.237200 OK 3.3 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/fancybox.min.css
IP 66.29.145.237:0
Hash 48f7cd6ea25e7a870144d0b7999cf3fb
8eecf63f78b0e5679c8f2d5c82a3d2e8d4eccdde
61aa1b688bbd00d28a2b76006c005f2181a8cd00055c74d4a5255dbacab4aeb3
GET /assets/css/plugins/fancybox.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 07 Dec 2020 18:22:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/plugins/mapbox-style.css
66.29.145.237200 OK 4.6 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/mapbox-style.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (34832)
Hash e92d94d527112eccad9eff37daf5d414
3e9548d816fe420a093320151595601e6865d236
9bb0b50fba17ae136f2124c4d62a64541ea3a1db70126cf28f51d63f5e7bc893
GET /assets/css/plugins/mapbox-style.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 21 Jan 2021 18:11:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4579
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/style-light.css
66.29.145.237200 OK 6.8 kB URL HTTP/1.1 sadevafric.com/assets/css/style-light.css
IP 66.29.145.237:0
Hash ce636cfe8004cd4ed470b185643cf79b
0aa633e506e709405f89d64e7d848f7ea00e5338
fc91747aa1140b0b9a3781a9a83077b912957bd13d5b685aa0facc4763d01019
GET /assets/css/style-light.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 09 Sep 2021 19:08:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6750
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 07:08:09 GMT
expires: Sat, 23 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 71900
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js
66.29.145.237200 OK 4.3 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js
IP 66.29.145.237:0
Hash daaa793446a620a7c1c001be03f6168c
297c81b4711979a2334f60f246eaf9e9317f40b4
cfe9a96cd8d659a71f887a3291a8b1f94c96d171e5bb152b6e0c0007efee18f7
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/scroll-magic-gsap-plugin.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4272
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sadevafric.com/assets/js/plugins/jquery.min.js
66.29.145.237200 OK 31 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/jquery.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (65451)
Hash 888c5fa4504182a0224b264a1fda0e73
65f058a7dead59a8063362241865526eb0148f16
7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/jquery.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Tue, 24 Nov 2020 22:10:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/isotope.min.js
66.29.145.237200 OK 9.8 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/isotope.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (32019)
Hash f23be9b893032a9a3beeb61008b659d6
0ae8ca6e11fa6299c409f7155c39a6fbefa3dd0b
c343a4923a7dfc3451f05434f6061f4f46f14774867a9dfbd7d0965ff54236c4
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/isotope.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9847
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42578645a06eaf381fd25ddc41b91820
8656fddf2a13fff129a073fc85c8197c78ffaaed
f1afcf62cbe9ce3a786f2f38a851781450fe52ce8f367d30fc31c31977624379
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 2720f2c1-7d46-4a81-b570-f63490384967
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnqZGyDIAMF4Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fdb-79c3107c2c0465885bd76558;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EYD2n7YFOmgZ8y-ozxFxAB1hSIfelVWgbs5lV-CzKf6CoLowACVkQQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:02 GMT
age: 19047
etag: "8656fddf2a13fff129a073fc85c8197c78ffaaed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98adc653-f9a6-4ecb-ac9e-bc2f050bce18.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98adc653-f9a6-4ecb-ac9e-bc2f050bce18.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8c72ec1e9749463326e11f003982211
a76cc3e7d6ca04b4e1d1c947c25ad10a11e9750c
afeea88b39c0fa6957e58d13562222415705d408f89583adcf428a02140abbdd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98adc653-f9a6-4ecb-ac9e-bc2f050bce18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: e8b31f4c-cf9e-4027-ba28-86dcc5ac5190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnRDHvSIAMF9Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f39-06c81a124ae007023d03c375;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K4yo4xbEQJQh6HZOfia0oQeSLF0UCRjP6_2utECzhCITAQIEGvGWjw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:50:48 GMT
age: 18941
etag: "a76cc3e7d6ca04b4e1d1c947c25ad10a11e9750c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c276f786c96caac3f6a2b1cb20e4993
233988de2b66d8d97e0f21cbd1a182a9b4bd162f
bd5418d62aabf5e38f5c06409d0e1144f101d045072513150d5f16ffc2df169c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 0f18f9e7-c8b3-4250-8156-96d3ea8a9749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVuQE5fIAMFeXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a40327-520100d2431fabd14317afe3;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UYAT01ECmYKrp25iLBix5K0qdahEvfppThLwVjcQOffxq0UI9PEKsg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 05:05:35 GMT
age: 79254
etag: "233988de2b66d8d97e0f21cbd1a182a9b4bd162f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f60792-f774-4c4f-b0ee-969c5b98599b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f60792-f774-4c4f-b0ee-969c5b98599b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 833cb477949b114e983e8ca343d4abe5
80b76a3c3c75b4cd10856a3b7ee33154d73bfb3c
935d8eeb5b3a70b358b6d574260212ace3d16e053dbe3b37e149407c04f86160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f60792-f774-4c4f-b0ee-969c5b98599b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6872
x-amzn-requestid: b9c756db-0b48-4b3d-b6cb-9efadae0cc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnP1HNrIAMFsuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-0cc785ff4410f34e2c68bc6f;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IQaUlBbkGlJoH0ItRI_fN9ARQGGrhU-sH8DgHNYlGGxk_FfxgWVMOQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:36 GMT
etag: "80b76a3c3c75b4cd10856a3b7ee33154d73bfb3c"
content-type: image/jpeg
age: 19433
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d90b80ebad103c48c3043c8d5e4c3ca
ab36c9309ce13b2a3d075461c2445f76bfc582aa
2287a6db0a6a58c570930c1f94c3b36d7acf383b26cdfa42261eb254598fa7c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7669
x-amzn-requestid: 4b35e79d-21c8-48d7-b11b-44bd820e29d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnROG4UoAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f3a-765739ad7e9063781ccb12b2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhQA2yVBNtJ04goTms0KXhX6Q4v86TEe4EUioQs3eJzzMsCxbVmykw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:58 GMT
age: 19591
etag: "ab36c9309ce13b2a3d075461c2445f76bfc582aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sadevafric.com/assets/js/plugins/tween-max.min.js
66.29.145.237200 OK 39 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/tween-max.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (32028)
Hash a6a64f068c32e61e418134cc830d9a7d
e64f360d949f75331a89146c7707ddb4d42fcb0a
f82f0e56bcd25e05c88f43b184d846a166458b4fcf8533a3adc7481a0f410b08
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/tween-max.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:20:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/scroll-magic.js
66.29.145.237200 OK 25 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/scroll-magic.js
IP 66.29.145.237:0
File type Unicode text, UTF-8 text, with very long lines (330)
Hash 0654c5b5bb66d21e526ca3288043b184
444823af815fe2375a6bfd6a169e5ee3fe41b4b0
b2694723acb5522a0a47644c2dd08333d34a2a177a44ef10f3ceb4424048a4d6
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/scroll-magic.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:14:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 25095
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/swiper.min.js
66.29.145.237200 OK 33 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/swiper.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (65271)
Hash a9dbdc85dfcc3a7f9e40019b5530ef83
3819e7edd68a2712bed8956d742cafff37c4ed77
8f9ff6eb4d271afd73674c1ba5f1c1ae82e68984098d94bc6fdee31fa5aaed5c
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/swiper.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:55:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 32552
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js
66.29.145.237200 OK 17 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js
IP 66.29.145.237:0
File type Unicode text, UTF-8 text, with very long lines (26614)
Hash 42de1cf61a78c2ea098a1bd4e35a24e4
b11d44873ef13eaa65d2936bdcd6b8b4e2289413
c5d44c5b06ac42d761d44c271d5f2e4db4a4cb13290bfa31d39208ed8c883de4
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/smooth-scrollbar.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:52:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 17388
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/overscroll.min.js
66.29.145.237200 OK 4.4 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/overscroll.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (9511)
Hash 53dbd66e5044c88004c425f2295c4810
149469dc3b55d08aefe2d8a01ae97a27b5d4fa8d
b91283f8d27573de404bf3d8d95e9f1e952be27d89d3d3fbcd8850bded8ae84a
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/overscroll.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4438
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/fancybox.min.js
66.29.145.237200 OK 22 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/fancybox.min.js
IP 66.29.145.237:0
File type HTML document, ASCII text, with very long lines (31972)
Hash f8b62df0805382748074af7be8c55fc3
954cce85dd07378f6161bf292e42c53da428ff62
90d139e51b28f09110a6653ac7ce12f6b603bed42be80bccc9876130e6eaf61a
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/fancybox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22014
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/canvas.js
66.29.145.237200 OK 1.2 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/canvas.js
IP 66.29.145.237:0
Hash 2f9f9599c326666430e240bd2040229e
97c3e0885adae1da5658fc57b036ccd1c3bf1fd8
087eaf86761d05a8fc0acf6e754b2d3fbbc3ecc41e8c5795576a8b18638d61ad
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/canvas.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Tue, 06 Apr 2021 17:31:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1202
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/parsley.min.js
66.29.145.237200 OK 12 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/parsley.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (32005), with CRLF line terminators
Hash d0d7a0f3ca1af46edd464738404d704b
07acb5664b72237d6803d79e04f357bae456b52d
f2e8a1ed3fcb50a9a3412859f34677cada1cc2d8617367edcefb80939f2f7f5d
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/parsley.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Wed, 10 Jun 2020 19:30:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12347
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/main.js
66.29.145.237200 OK 3.6 kB URL HTTP/1.1 sadevafric.com/assets/js/main.js
IP 66.29.145.237:0
Hash 13dffac744d12e9a004a0fd2af0c3a77
3612a0b04888d05ef4d7f98a57f334cde2fa8437
166c8d0a025d55aa663d8b511e94347e98383501c818824adf44ca662b0cd91f
Analyzer Verdict Alert fortinet Malware
GET /assets/js/main.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 22:03:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3626
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/mapbox.min.js
66.29.145.237200 OK 195 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/mapbox.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (64450)
Size 195 kB (195389 bytes)
Hash 01db876058ff9998316589ae375c5eaa
62d02a663b9c62df16d810721d9a921b0c9e39a8
969d77541d90a4bcee5cb7cf16256c3b0479fbfed7fd853cf9a17ef6aa07359b
Analyzer Verdict Alert fortinet Malware
GET /assets/js/plugins/mapbox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
sadevafric.com/assets/img/light/logo.svg
66.29.145.237200 OK 5.9 kB URL HTTP/1.1 sadevafric.com/assets/img/light/logo.svg
IP 66.29.145.237:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (14829), with no line terminators
Hash 5d71acf1ba704203c83505c454c71a7d
5ba3860609d1efd27b5197a01221e6a2d3c275dc
f4953d5cb08b703d9410426321b286a83d15d7877f035e948cd34a3f50375b42
Analyzer Verdict Alert fortinet Malware
GET /assets/img/light/logo.svg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2021 21:54:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5908
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
sadevafric.com/assets/css/webfonts/fa-brands-400.woff2
66.29.145.237200 OK 72 kB URL HTTP/1.1 sadevafric.com/assets/css/webfonts/fa-brands-400.woff2
IP 66.29.145.237:0
File type Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064\012- data
Hash 4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
Analyzer Verdict Alert fortinet Malware
GET /assets/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sadevafric.com/assets/css/plugins/font-awesome.min.css
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Fri, 04 Dec 2020 18:24:30 GMT
Accept-Ranges: bytes
Content-Length: 72112
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
sadevafric.com/assets/img/light/projects/prjct-3/1.jpg
66.29.145.237200 OK 56 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash b47b994c0a66534e7d34aeda5ed59bfc
bf22f9c59bfb45cfb25d7ac5942b7ae4e89c418b
6028f0d5e49a93ed75c589ee1f6207305b456ced1a13a8e59e3929346401208b
GET /assets/img/light/projects/prjct-3/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:35:46 GMT
Accept-Ranges: bytes
Content-Length: 56354
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/3.jpg
66.29.145.237200 OK 69 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/3.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash dfe8e0ee27d28a653a85ff0c4c825d40
f138f2799f9c0acc075d13bf4ec4feb579eab458
c54e96adff4d4f4a7589e9422884cdab0bade020c3237dd6b591d29f29e1c5ae
GET /assets/img/light/projects/prjct-3/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:06 GMT
Accept-Ranges: bytes
Content-Length: 69435
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-5/1.jpg
66.29.145.237200 OK 168 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-5/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 525x350, components 3\012- data
Size 168 kB (168178 bytes)
Hash 028857dbead357da2bac5b2f6291df9f
4c102a542b0f33188029bd2440079b7608cf915d
9b6c9b8f1c2717a4d4c7ab47ffa5f3367584b0724c8db1e1dd458cfdc595d8d0
GET /assets/img/light/projects/prjct-5/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 21:18:00 GMT
Accept-Ranges: bytes
Content-Length: 168178
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/2.jpg
66.29.145.237200 OK 80 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/2.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 3705e146ab0f6bb39a47073594f3af64
2769eb25cc3a4b1ad2683c17be5d1614928d9e33
72df5d2cdd184bf7316b97fc2c946e219a872acd953ef7b0a8cb05a0e9ddd9f8
GET /assets/img/light/projects/prjct-3/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:36:24 GMT
Accept-Ranges: bytes
Content-Length: 79874
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/4.jpg
66.29.145.237200 OK 71 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/4.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 1293bdd489072870ce5379f12975700b
975f5ccb33687f1b211f44d850238f2731af55a3
f11ff0997fcf8ab152a595ea8077ca73647283c3e37ebc01747d107a360d7183
GET /assets/img/light/projects/prjct-3/4.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:48 GMT
Accept-Ranges: bytes
Content-Length: 71233
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0e8935125f24086b1a90db0771267bab
b120ac30a95d9b220355c8b0f16445b93c40b214
c1c06b01e5be9bd45bdcffcce02377556a72229278abe5eadc3c122e9856dc59
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Dec 2022 21:39:34 GMT
Expires: Tue, 27 Dec 2022 21:39:33 GMT
Etag: "b120ac30a95d9b220355c8b0f16445b93c40b214"
Cache-Control: max-age=325382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e61f114930b50b-OSL
sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg
66.29.145.237200 OK 266 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size 266 kB (265847 bytes)
Hash 26dc75e955c7ca26a0cd11aa6df6d797
aec1976b12c97b99ae54e893dc348d38fbca7169
624a503da93148052e817c78cbad18aa7de6eca175866a29c6164044b41e6961
GET /assets/img/light/projects/prjct-1/fs/7.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 18:00:56 GMT
Accept-Ranges: bytes
Content-Length: 265847
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/5.jpg
66.29.145.237200 OK 78 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/5.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 6b278691e2c4dd737c27276cda08f914
8233d5ddae68550a0455dd87e3e10ef3d6ed8f41
97c83f05952458d6ad49ea9f5436abb5152f3ad17d67d3347c56e339d20f35c9
GET /assets/img/light/projects/prjct-3/5.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:38:54 GMT
Accept-Ranges: bytes
Content-Length: 77738
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/6.jpg
66.29.145.237200 OK 81 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/6.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 627098bf83cf944e9e5bfdbd80b18521
56357d4091e550362537589a5c6f0dfe4856269e
f54366ec758c9e2e0799b318ff37bc131021c40c9db773f98577dd7c650ad946
GET /assets/img/light/projects/prjct-3/6.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:39:52 GMT
Accept-Ranges: bytes
Content-Length: 81339
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
aws-wwcloud.net/async/?id=588e2a123b18kd2s9t1it3yt11z778t3
195.123.218.98200 OK 177 B URL HTTP/1.1 aws-wwcloud.net/async/?id=588e2a123b18kd2s9t1it3yt11z778t3
IP 195.123.218.98:0
File type PNG image data, 1 x 1, 4-bit colormap, non-interlaced\012- data
Hash a9428714a3fc96dda46bf3dcb266266a
ccdf71be456f9f753967364b9b0ef38c1159d5ed
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /async/?id=588e2a123b18kd2s9t1it3yt11z778t3 HTTP/1.1
Host: aws-wwcloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.1
Date: Sat, 24 Dec 2022 03:06:30 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=8iisj9itsntuikbcug7kheteg7; path=/
_subid=3fk8c9q9uq1b6; expires=Sun, 25-Dec-2022 03:06:30 GMT; path=/; domain=.aws-wwcloud.net
fcada=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM3MVwiOjE2NzE4NTExOTB9LFwiY2FtcGFpZ25zXCI6e1wiMjJcIjoxNjcxODUxMTkwfSxcInRpbWVcIjoxNjcxODUxMTkwfSJ9.5vbe_sRoDmslpd5GaRhyLCkiWoRspO2uxWlyeCFdRdo; expires=Sun, 25-Dec-2022 03:06:30 GMT; path=/; domain=.aws-wwcloud.net
Strict-Transport-Security: max-age=31536000;
sadevafric.com/assets/img/light/projects/prjct-2/1.jpg
66.29.145.237200 OK 88 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-2/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Hash 7370c173fea66f848ced70915e1d3320
738039bf40e0bfe13342ed2ce2434eaeb93620d9
246911ef2605d9ed13772a09a524093239de160a91292aec7add41101b01f6a6
GET /assets/img/light/projects/prjct-2/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:16:58 GMT
Accept-Ranges: bytes
Content-Length: 88296
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-2/2.jpg
66.29.145.237200 OK 90 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-2/2.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Hash c1f1ea75fc81d18169038aeda9057f74
193cb6f6fd7bd30c4406948a1359f6dd0bd31aca
bda2eb9c12de07dd821e20bec754680c50debb7ec4f4b040826e65aa16cb5370
GET /assets/img/light/projects/prjct-2/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:34:24 GMT
Accept-Ranges: bytes
Content-Length: 89785
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg
66.29.145.237200 OK 648 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1440, components 3\012- data
Size 648 kB (647484 bytes)
Hash 0ff0ec8dad290a5118853902b9086311
01a9d94248043f47dceb7f87b01bb73022f281cc
31f49e0601c40942e8fc6f847eaf7da7211e2a9e6048c7ab2e7ca49c2c566de7
GET /assets/img/light/projects/prjct-1/fs/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 15:51:34 GMT
Accept-Ranges: bytes
Content-Length: 647484
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-2/3.jpg
66.29.145.237200 OK 126 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-2/3.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size 126 kB (125788 bytes)
Hash 40be0bb2600417e62fd4c6e585fe0767
a2ed1a0e3ccf4068d509e1b35ad5254283521ef8
15ec434815b7c476b13ca1cd52abbc297f7d5d8c19ce8e63b6f68ce4ad7863d6
GET /assets/img/light/projects/prjct-2/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:38:30 GMT
Accept-Ranges: bytes
Content-Length: 125788
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-4/1.jpg
66.29.145.237200 OK 341 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-4/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x731, components 3\012- data
Size 341 kB (340751 bytes)
Hash b81a273e0fe698c9ff0bb384644e02b7
fc09ddaa570e338d02227d5debbc0c98a0674e30
ec4cc2847ed874cfd2bc56fa186946d0f8b373e62441d07e6393ec0406aa6a37
GET /assets/img/light/projects/prjct-4/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 17:15:36 GMT
Accept-Ranges: bytes
Content-Length: 340751
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.applitech.ci/assets/images/logo.png
66.29.145.237200 OK 7.1 kB URL HTTP/1.1 www.applitech.ci/assets/images/logo.png
IP 66.29.145.237:0
File type PNG image data, 350 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash b8eb88106d1545ea12a6185215e99a33
d82138cf5c47a60538898d5de1374b92572dd6de
143e08dbbb3247dd1bbaa00e73b9da6b696e25262045796f4b9f197f18f8d316
GET /assets/images/logo.png HTTP/1.1
Host: www.applitech.ci
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2022 17:26:24 GMT
Accept-Ranges: bytes
Content-Length: 7050
Cache-Control: max-age=2592000
Expires: Mon, 23 Jan 2023 03:06:30 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
sadevafric.com/assets/img/light/favicon.png
66.29.145.237200 OK 2.0 kB URL HTTP/1.1 sadevafric.com/assets/img/light/favicon.png
IP 66.29.145.237:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 511e7d91b99af1430ae66c2190769370
790a4d5a98c90d36ec8e2b1f9782099c77964688
9d6ae67eb2f11755ad511ca5db8f3c5b8041f84ef9901662758900be7662448a
GET /assets/img/light/favicon.png HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:13:16 GMT
Accept-Ranges: bytes
Content-Length: 1993
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7514aea8a6ecc6d2c4c4362719ec1f71
cb1cbae883c69fba75b584248c2ba79663175e66
0233fca45e85ea0fcd83083ce1c32084411067d01df99eb67ce15d00c361a16e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6663
x-amzn-requestid: 7a457075-fb06-4be7-be96-c9d5e176e39a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzGukIAMF1OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-59b7441372a27f0f793c73e7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 77BRdhrG6j7XXr_v3GUHnpjCn9xtlkKavKu1dpn7NZQe7KU3z370eA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:36 GMT
etag: "cb1cbae883c69fba75b584248c2ba79663175e66"
content-type: image/jpeg
age: 19439
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2