r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15692
Expires: Sun, 05 Feb 2023 20:24:59 GMT
Date: Sun, 05 Feb 2023 16:03:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12195
Expires: Sun, 05 Feb 2023 19:26:42 GMT
Date: Sun, 05 Feb 2023 16:03:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 15:33:56 GMT
content-type: application/json
age: 1771
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3841
Expires: Sun, 05 Feb 2023 17:07:28 GMT
Date: Sun, 05 Feb 2023 16:03:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vFwffrahan1qQglx26RWVOR3quozkU8uJGD1p0I4VitGwFF29VZ4AEYv7Bx34rR3bVDCofm/TADXtKyrwYTi5Q==
x-amz-request-id: EA2C5RNHCTXJNCER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 15:53:20 GMT
age: 607
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 16:03:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 15:07:20 GMT
age: 3367
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12715
Expires: Sun, 05 Feb 2023 19:35:23 GMT
Date: Sun, 05 Feb 2023 16:03:28 GMT
Connection: keep-alive
push.services.mozilla.com/
34.211.126.51 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.126.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OPJebOBXAsg/7XhPd5pBLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jo6ioQbt/n6uM2pODb+sEryAVlo=
fonts.googleapis.com/css?family=Karla:600
142.250.74.106 200 OK 344 B URL HTTP/1.1 fonts.googleapis.com/css?family=Karla:600
IP 142.250.74.106:0
Hash 6fe2a0160871a0b3314c7ce6e364aef7
4ba268ba28e104929f66604d3e29613326f76c4b
9704e700033938e0c80a5fcecece1dedb6b77efb546b26dcc39e2af13bf90216
GET /css?family=Karla:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 05 Feb 2023 16:03:29 GMT
Date: Sun, 05 Feb 2023 16:03:29 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10306
Expires: Sun, 05 Feb 2023 18:55:15 GMT
Date: Sun, 05 Feb 2023 16:03:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:53:51 GMT
age: 4178
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QiFDDww7IfjOYHGfK3NiaBts_69I05L7bngAfyJUtG6VNwptdaI5nQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 15:02:59 GMT
age: 3630
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 64283
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 64304
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 64351
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 44601
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10306
Expires: Sun, 05 Feb 2023 18:55:15 GMT
Date: Sun, 05 Feb 2023 16:03:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
installme.yorkevent.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
192.254.235.207 409 Conflict 83 B URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
installme.yorkevent.com/
192.254.235.207 200 OK 54 kB IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (27413), with CRLF, LF line terminators
Hash 7834b1eddaee954c7b179c21dc967221
045e2f1f77fae5ab5219a37fc599d8267b1a501a
c6fa5caf264c00d3429978ea37fb5234b158b4f5ee785973a5065bcb41f49496
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:27 GMT
Server: Apache
Link: <http://installme.yorkevent.com/wp-json/>; rel="https://api.w.org/", <http://installme.yorkevent.com/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
installme.yorkevent.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.9.22
192.254.235.207 200 OK 2.7 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.9.22
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9152), with no line terminators
Hash 44022ff8f2e16434bd88d7fe67511731
8743e90bcb34740ba7e5645dd27dfb779921269e
37605c4f39ff0397d6a2ff8f6d5928a75552356d23d0f2212ffa5311e7843895
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.9.22 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 10 Mar 2022 16:41:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2665
Keep-Alive: timeout=5, max=75
Content-Type: text/css
installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
192.254.235.207 200 OK 7.1 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 May 2019 15:57:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7114
Keep-Alive: timeout=5, max=75
Content-Type: text/css
installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
192.254.235.207 200 OK 1.2 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5da7e83bf9b7b7ae6b9825977476994f
0f5b2e616159bff9bff65c979896717e4409b151
59955a52571b4419a3fe764c316900de6af0e259c654718e59efb2f43399ef63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 May 2019 15:57:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1188
Keep-Alive: timeout=5, max=75
Content-Type: text/css
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
192.254.235.207 200 OK 12 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash c220a68e588d62a720ffacfa52ad31d3
430b0eb0bdf72cebd13d43d18b8a276847b7a786
c12f9fb0d32fe152c3306f864f398f965b24ac6ffe01697b2b05fac214d2991a
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12242
Keep-Alive: timeout=5, max=75
Content-Type: text/css
installme.yorkevent.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
192.254.235.207 200 OK 62 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 92e8ec7d79ffb360abc23e3859567527
8e260181161b644c3bd28cab1fbe74e2dfa77a36
e1169e5f72f94ec0dcaa41af60cbef78449b17e94cd85062222b9996054cfb37
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
installme.yorkevent.com/wp-content/themes/basel/css/font-awesome.min.css?ver=4.5.0
192.254.235.207 200 OK 7.1 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/themes/basel/css/font-awesome.min.css?ver=4.5.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/basel/css/font-awesome.min.css?ver=4.5.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:56:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7114
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
installme.yorkevent.com/wp-content/themes/basel/css/bootstrap.min.css?ver=4.5.0
192.254.235.207 200 OK 9.3 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/themes/basel/css/bootstrap.min.css?ver=4.5.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (35650)
Hash f5aa6d140e5cd633415b5149fe2677a3
899b7165910564cdf1fbe91306c64ea457bc6d4a
8778cd02181a48eb5038566628b27c683defff8910ed630302f723a333b6ac45
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/basel/css/bootstrap.min.css?ver=4.5.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:56:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9251
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.10
192.254.235.207 200 OK 3.8 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.10
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3ac4cee6db08de58d2e2115dd6b94b06
32e9734f0f21f531db07953d118c141a31f64816
15aca489d99e26af1f587cf7eaa502752123885ad91b46a1ed2219c3d04ac211
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.10 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 May 2019 15:57:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3814
Keep-Alive: timeout=5, max=75
Content-Type: text/css
installme.yorkevent.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
192.254.235.207 200 OK 4.4 kB URL HTTP/1.1 installme.yorkevent.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9959)
Hash 1e40dfe689f1e989e1a3de2e3c6e26bf
4196eddc5203fd18f63e90065d777f757088ca2f
b40b1ef07db6e093ad2df064e8cb582906eb2448e1caacc2f5b721cd5d0e3cb4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4444
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
192.254.235.207 200 OK 43 kB URL HTTP/1.1 installme.yorkevent.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31997)
Hash 58d326e4cc09f905eb0020706c6b2b95
c19bd9030a7117699a3dd57dc1b69a3889409f61
63cd2e517cb5c7de07842d11640edb2d11359c76f7227160bc339347e39c1001
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 07:47:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
192.254.235.207 200 OK 24 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash aac9ab270a7b9355fdc5fc6929933f9c
c5b5782e8b56416fdbde80fe1d4f5448dfb0e0ca
81376e137c62f816079f78532a44698af897dbd058f79485f4becb3450cf1b3a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
192.254.235.207 200 OK 4.0 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9172)
Hash 1634848cac6bee67add01a21261fcde0
5a831f11c2aed128419ec5fe2bfdb91e04b770f5
bf7374b854854ed1a337f0c83f0d8ee44b2e2d09d2ed9669b6f04456cd93416c
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 16:41:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4024
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.6.7
192.254.235.207 200 OK 1.0 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.6.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (2637), with no line terminators
Hash d00a0e2fd744e90da609b341229c805a
8601759df20d6452b999adc9969f214b087432b2
15b09e00879046ab81a9c91ab0a0a5d0bd8c36a71a09f38acbba7f890e2d269e
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.6.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 16:41:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1034
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
192.254.235.207 200 OK 48 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash a8b8d4a742e653438eb798e12665b43b
a080832766e89dfefb068a4633779a8accf98a39
9b0b623a3b416b395040f7680358e699b9c3818841042946137a993cce1a19cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7
192.254.235.207 200 OK 348 B URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1c2e22378018f96c567ef0442e1e8890
30032407c1aeaa13cbce8a245a98a621370456ac
e02367dff982893c4fe2f822d51168c15f7b5f006a55df5b47d2666701b2107d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 348
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/themes/basel/js/device.min.js?ver=4.5.0
192.254.235.207 200 OK 1.2 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/themes/basel/js/device.min.js?ver=4.5.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3061), with no line terminators
Hash ce9937bab11dd84a29b41cfc26684abf
28e6f633451fb7ae328ea6bb1c810d553f640665
db6703d10032492261f5bc58c843d3eab00ff6b740787d44ba3069867feb231d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/basel/js/device.min.js?ver=4.5.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:56:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1235
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
192.254.235.207 409 Conflict 83 B URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
192.254.235.207 200 OK 994 B URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1680)
Hash 6288aae4bca8a1cf895fc741f6758bea
ae5a8bd6281e058852d8a93562196298556f53f5
1136e8c7449b0bfb5117fc8a0807125dc2e9b5afa45994af3a058a2a77d3e5d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 16:41:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 994
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/themes/basel/style.min.css?ver=4.5.0
192.254.235.207 200 OK 199 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/themes/basel/style.min.css?ver=4.5.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 199 kB (198751 bytes)
Hash b38be8ef166bdbcee299773b5fede32c
1ac8e8366bf7f697c98ea8f3f7c5a376205aab8f
25886940f32c84037b16c41560be34e8a94c94c38a106675cbc9410e6ff5fa52
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/basel/style.min.css?ver=4.5.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:29 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:56:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7
192.254.235.207 200 OK 622 B URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1472), with no line terminators
Hash 141bb95e572172acdbe6676a83e84df3
3829931abc1d6dde6803fb763f4a23fd17067007
207cd6ad1c941fc75e661f1baa1ee696f5db920e0e1be345f6400fd5916050b9
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 16:41:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 622
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7
192.254.235.207 200 OK 1.1 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2940), with no line terminators
Hash 7651ad27b3fd7dff417370d3899ff533
e138c5d9beff0d797671cd26e45a665f6e8e9bfa
d34f0f559a85e4aa7f14ec64aae390a98d495033f19e2c51008e1a1e264022bd
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 16:41:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1096
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
192.254.235.207 200 OK 5.2 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15658)
Hash ae2c7094b509e7e01529c4ae9dcea000
809683693956d7f3c5907ddf6065ed8fc934b2a5
41289567ed6f914d3115357c5380a4e7c2e34aca37ccdd45f3ac930a5c66a172
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5202
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.7
192.254.235.207 200 OK 13 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32004)
Hash 9dcdc4e813ceb6f7dfcf8ff917556033
8ccb6e59a5919728dd495afbf172f3d576e69aa9
8be1d18337874c4b9a76de6b95e69c92ddc2063d779cd79e673ee8fb068087c4
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13109
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.7
192.254.235.207 200 OK 3.1 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7808)
Hash d24f70901f104dd76b430252bb3bf2e1
784b0ea20fea97b9bb7ee56f0b3436895c2e5c15
915b4f416c548cf1e57c127aae747569cc4b2918453e509889bc24d7ce3fe692
GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3126
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
192.254.235.207 200 OK 7.1 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19706), with no line terminators
Hash 3224472ff3e8104a9d96d134cb014f26
b59e297dfb8190c7e03018f0715e80e4576334e5
738872ca6c0fa0cbc3cdd1f93f975d398b6aec3a9b07e8573c09a823c9d0f875
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7131
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.10
192.254.235.207 200 OK 3.7 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.10
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (577)
Hash 63b3a5af6838c6d146cb328e5d960c58
be95b2703499e43c899f096dc1d5cc8f62ec2aa1
4ccd3b35d21b82599f945921c842caaabc23904b69e5667e5a19e8fa58d41e39
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.10 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 May 2019 15:57:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3735
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
installme.yorkevent.com/wp-includes/js/underscore.min.js?ver=1.8.3
192.254.235.207 200 OK 6.5 kB URL HTTP/1.1 installme.yorkevent.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16194)
Hash 0e888afe3909bffd10652804718e1500
dc03202be61af67cbf9b2dc9ec4caaddf58d1041
f9bd15a7002cf564ee4b1f61828fced68a6001d08a1accf40ec28c0d231e1874
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Wed, 17 Feb 2016 15:22:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6534
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTDJp2aE0lK.woff2
216.58.207.227 200 OK 12 kB URL HTTP/1.1 fonts.gstatic.com/s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTDJp2aE0lK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11464, version 1.0\012- data
Hash 5166e792a2c9d4e305377b94d3256835
becabdca64a9ff7bc95c81ace1352583e2ed89c0
aa03293eeb1c37abad371a42fffdd3540056931bf5f2474459bbd4067e9a64b3
GET /s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTDJp2aE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://installme.yorkevent.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11464
Date: Sun, 05 Feb 2023 16:03:30 GMT
Expires: Mon, 05 Feb 2024 16:03:30 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 11 Jul 2022 20:38:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
216.58.207.227 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Hash 481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://installme.yorkevent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:14:49 GMT
expires: Sat, 03 Feb 2024 10:14:49 GMT
cache-control: public, max-age=31536000
age: 193721
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
installme.yorkevent.com/wp-includes/js/wp-util.min.js?ver=4.9.22
192.254.235.207 200 OK 565 B URL HTTP/1.1 installme.yorkevent.com/wp-includes/js/wp-util.min.js?ver=4.9.22
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1042), with no line terminators
Hash 4b26190dd7bfeee18f0ee8a8d61a6551
065e24a1f0a28253ad5d0d55408378f3a63d6bb8
4446d62284a6f967f68a8e16207d42dc890d78bc13e347927848df5414af59b5
GET /wp-includes/js/wp-util.min.js?ver=4.9.22 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 03:32:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 565
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.6.7
192.254.235.207 200 OK 4.3 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.6.7
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13277), with no line terminators
Hash 4e1a382c97fb907bb142996c38276f09
14a39b84deb2a7928113b81a1c7a078f2173e420
089244d1d0904c13a237b6b0068a5f9b073db9f4b05a4b44823f69858527e587
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.6.7 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 16:41:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4344
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-includes/js/wp-embed.min.js?ver=4.9.22
192.254.235.207 200 OK 750 B URL HTTP/1.1 installme.yorkevent.com/wp-includes/js/wp-embed.min.js?ver=4.9.22
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391), with no line terminators
Hash 1c782657b72dd210e34fe872458db8a4
9aab886e2eb32e3ad3b48b414725b93875843201
f938f1b4a0bac49749cd11a5f8838cdcf6a188f2b4c5054467a08e209a1560aa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=4.9.22 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 03:32:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 750
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
192.254.235.207 409 Conflict 83 B URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
installme.yorkevent.com/wp-content/themes/basel/js/theme.min.js?ver=4.5.0
192.254.235.207 200 OK 206 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/themes/basel/js/theme.min.js?ver=4.5.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32030)
Size 206 kB (205590 bytes)
Hash 1617598c5a16e9091f3c79348f1d31a9
ffccdb2587cdfb5a8d4a757c96c679dc46837921
4c46389990f7ecbd8e96504989c3416564c12d1d0267104ffa55d3eec23a5518
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/basel/js/theme.min.js?ver=4.5.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:56:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
installme.yorkevent.com/wp-content/uploads/2019/05/product-6009880232659-02.jpg1400_1400xoxarxe-300x300.jpg
192.254.235.207 200 OK 18 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/product-6009880232659-02.jpg1400_1400xoxarxe-300x300.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7aab7605841a089439aab05059893fda
064f11195f288795888170a5b1ca34037bbea133
92c217fde1aa961dfa35a1ed8328851ef97a7a5260f82ff3df660a11307e0f23
GET /wp-content/uploads/2019/05/product-6009880232659-02.jpg1400_1400xoxarxe-300x300.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 18:40:04 GMT
Accept-Ranges: bytes
Content-Length: 17925
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/product-6002508001002-01.png1400_1400xoxarxe-1-300x300.jpg
192.254.235.207 200 OK 7.9 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/product-6002508001002-01.png1400_1400xoxarxe-1-300x300.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 23b08ab5aa85c82c653f4a8298b84d9d
1cb4ff081dab0a1595ad1f0c3a97a5daeb45d42b
a8d8510fd62408f7ccef20e1e12cb71611182e8e8f4f8d825e52b20772a7c5fb
GET /wp-content/uploads/2019/05/product-6002508001002-01.png1400_1400xoxarxe-1-300x300.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:26:58 GMT
Accept-Ranges: bytes
Content-Length: 7888
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/LNBU10-6-3.jpg
192.254.235.207 200 OK 32 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/LNBU10-6-3.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2016:12:12 11:56:37], baseline, precision 8, 600x600, components 3\012- data
Hash 123a0c4b8ac062cec6aee94f896a9a78
4481cb4431e84bbd53f6a2c0b31cc23ccf759b0e
3ce96b6b478f0d02378c53aea85cd73cca0a770caefb8f8129d64602a6f922be
GET /wp-content/uploads/2019/05/LNBU10-6-3.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:16:13 GMT
Accept-Ranges: bytes
Content-Length: 32424
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/LNBMX2-1.jpg
192.254.235.207 200 OK 40 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/LNBMX2-1.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x600, components 3\012- data
Hash 5b576a56bc176b631ec09e8605e526d9
a456cfdb1a1ff2e204a40f23cd1f2eeea7a3bc1b
8a4c281e66bc2ea167473e13638df0a73b8102b34cbd82c705d82ecb8545edf6
GET /wp-content/uploads/2019/05/LNBMX2-1.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:13:48 GMT
Accept-Ranges: bytes
Content-Length: 40281
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/themes/basel/fonts/fontawesome-webfont.woff2?v=4.7.0
192.254.235.207 200 OK 77 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/themes/basel/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/basel/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://installme.yorkevent.com/wp-content/themes/basel/css/font-awesome.min.css?ver=4.5.0
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:56:13 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: font/woff2
installme.yorkevent.com/wp-content/uploads/2019/05/LNBMX1.jpg
192.254.235.207 200 OK 40 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/LNBMX1.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2016:12:12 11:40:19], baseline, precision 8, 600x600, components 3\012- data
Hash 431d65ea67a7f2e61dc8bcf963cb56a7
143b0d6c67a2fc0c8fe4b56486963f49ff6b04c4
e0ef94179098d14f48adb9f87f658971fef0c2c166d27f707652931bba66d95a
GET /wp-content/uploads/2019/05/LNBMX1.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:11:35 GMT
Accept-Ranges: bytes
Content-Length: 39471
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/LNBU8.jpg
192.254.235.207 200 OK 36 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/LNBU8.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2016:12:12 11:56:42], baseline, precision 8, 600x600, components 3\012- data
Hash 5046094a6949ecabc56f7298d9cfa229
95c66acc3bd5229a7056d52deaefeaae32738831
9b85d297c0212e1c74121cf7525c8ec3a02abcbd8b0d10a258d101b9adcdfcec
GET /wp-content/uploads/2019/05/LNBU8.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:07:56 GMT
Accept-Ranges: bytes
Content-Length: 36524
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/product-6002508001002-01.png1400_1400xoxarxe-600x600.jpg
192.254.235.207 200 OK 18 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/product-6002508001002-01.png1400_1400xoxarxe-600x600.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Hash 4e39b224ab5c7a7e46f5f3965f5422c1
e559ab8648b44a6e9699edbb7f68c5914aa7545c
cad697c802aa9c36ee90973186c80b730d2879c86c94b53d2c8b975106743b51
GET /wp-content/uploads/2019/05/product-6002508001002-01.png1400_1400xoxarxe-600x600.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:05:39 GMT
Accept-Ranges: bytes
Content-Length: 18486
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/RMHD4136-4.jpg
192.254.235.207 200 OK 47 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/RMHD4136-4.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2016:12:12 11:40:25], baseline, precision 8, 600x600, components 3\012- data
Hash 7222be553fe72af2eae8d507fe2585c3
69ae4cb08bcf6ede72414169174a9b7d59c866ca
006ffb2c527448f901dfd0fb988b77217ce94d78e669992928b203a9a0f54a76
GET /wp-content/uploads/2019/05/RMHD4136-4.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:02:51 GMT
Accept-Ranges: bytes
Content-Length: 47107
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/logo-png.png
192.254.235.207 200 OK 125 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/logo-png.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1299 x 393, 8-bit/color RGBA, non-interlaced\012- data
Size 125 kB (124604 bytes)
Hash c158719a4b0370523d1addfc16994359
8bce78f6eb368fdc497737093fbd8df8a32502a0
c47a7d5fe11ff61609ceb381af23d95cce1dd2c640fbbdcf8373b19b11898f2e
GET /wp-content/uploads/2019/05/logo-png.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 17:10:07 GMT
Accept-Ranges: bytes
Content-Length: 124604
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/uploads/2019/05/Picture3-1-600x514.png
192.254.235.207 200 OK 211 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/Picture3-1-600x514.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 600 x 514, 8-bit/color RGBA, non-interlaced\012- data
Size 211 kB (211387 bytes)
Hash 0a948654d4a8dd6f3fb616d443a9b289
41951b51b458f8f02605fc19d7beeb03f7cc2881
1796a49fa98be23cb5e1e345e8cb067f32b21274d66943b576e694e28a74c5dd
GET /wp-content/uploads/2019/05/Picture3-1-600x514.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:00:06 GMT
Accept-Ranges: bytes
Content-Length: 211387
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/uploads/2019/05/RMHDX-1.jpg
192.254.235.207 200 OK 21 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/RMHDX-1.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x600, components 3\012- data
Hash bba0b0d8211b60a2390eae2556274b80
08cf9be4efadc53e9d6fc2d355e5cf59348ff0af
5a156e2ca2aa0b8a24846916f812bb1496c9611fda7860861839b94b498db04c
GET /wp-content/uploads/2019/05/RMHDX-1.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 18:56:30 GMT
Accept-Ranges: bytes
Content-Length: 21326
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/uploads/2019/05/Free-Delivery.png
192.254.235.207 200 OK 239 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/Free-Delivery.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 6666 x 625, 8-bit/color RGB, non-interlaced\012- data
Size 239 kB (238865 bytes)
Hash 26c7294c1dd4fe4411a3b81a45e74346
6d70a6cc879359a0452e44bf22b8336655746679
9844c6a21b1b44ec1377bb91262bc9d67d9e150a686d62a2c7c2153cf722b3bf
GET /wp-content/uploads/2019/05/Free-Delivery.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 21:54:15 GMT
Accept-Ranges: bytes
Content-Length: 238865
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/uploads/2019/05/BLNBUTK-1.jpg
192.254.235.207 200 OK 57 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/BLNBUTK-1.jpg
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x600, components 3\012- data
Hash 6ade0d74ac346e5da9c5e3a5f8224db8
007a17e0bbc1ffcac6b566c1c75c363bbff3548d
1d00ac550ce279505eb31081978235cd28e4fdd474bf774bf5a210cbf0b81f4a
GET /wp-content/uploads/2019/05/BLNBUTK-1.jpg HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 May 2019 19:17:28 GMT
Accept-Ranges: bytes
Content-Length: 57310
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8
192.254.235.207 200 OK 2.8 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8089), with CRLF line terminators
Hash 4b7965432515b8c0726df47d008f39b3
4da311c37395db04b3f0e25c88e595f0a3c96c88
f08d33a18da2349f5627a6a90e0823b9a904151e514a7fd353dca48c5717cbe3
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2845
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
192.254.235.207 200 OK 8.4 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28818), with CRLF line terminators
Hash 9e9b332abe4a46934cc85242e22dd146
25dd86bdfc67ef2a8ce5561f73d5f5d147476da6
94f47ceb3f24fc839c1d3a60ed818edd717253efd60153e4e3ea2f00a7aba0ff
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8380
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
192.254.235.207 200 OK 18 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (55556), with CRLF line terminators
Hash 9fbd7f61d50cf491bbf8472db215c74e
70e15c29e655f212aa18876e77e5e4723ec70885
a76b5284297afd74845c0250c254cef73e00fcf4d6ebda103acd6d32204cb641
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
192.254.235.207 200 OK 8.9 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25862), with CRLF line terminators
Hash 24cc4ae82947db94318c91847a49ee68
23ba55c3129dec4bb3c302eef52bebcbfa172e97
a3ab15aba69b891687f297afd31f1b09aa19856083d4ce9bb59d5b8f9df21477
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8892
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/uploads/2019/05/Picture4.png
192.254.235.207 200 OK 720 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/Picture4.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1143 x 850, 8-bit/color RGBA, non-interlaced\012- data
Size 720 kB (720113 bytes)
Hash 50eabdaf658b9e0bfaadc550c69f21d6
aa43172fb536dd5b44b50d52edcabe7d71e4d36b
2767d9ad5759878495830831d3e0f63442a261367c3ac06c3610d43033ede871
GET /wp-content/uploads/2019/05/Picture4.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 17:32:57 GMT
Accept-Ranges: bytes
Content-Length: 720113
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.8
192.254.235.207 200 OK 4.1 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.8
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10692), with CRLF line terminators
Hash 4118e329abf762c8b2ab03755dd88677
b3cc2dc381b9f93aa6e5633e6c96bf7cabedf40f
a7f6a1623f082a32352cddcd2a10d4dce4e60a11d9feb3c5a1a7ff5259996f1b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.8 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4148
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
installme.yorkevent.com/wp-content/uploads/2019/05/payments.png
192.254.235.207 200 OK 9.1 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/payments.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 255 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash ef95749583f58a783c20ae21281670b7
8d037c56b18cbc553ff973cb616144197d05f391
b273e9b7c36c48c9a4ce99b4d6529f716c664c7b12e3072a709fcd2cf10f5524
GET /wp-content/uploads/2019/05/payments.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:23:37 GMT
Accept-Ranges: bytes
Content-Length: 9089
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/plugins/revslider/admin/assets/images/transparent.png
192.254.235.207 200 OK 71 B URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/admin/assets/images/transparent.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 753f6c59bbe7913f21576b58b193bc5a
b3e3885f69e401b3a320010ff7a40dd19768fe3b
8ea078292393a14a8e44be139a7fa6ed09d9c650e210eccca587045239b71cab
GET /wp-content/plugins/revslider/admin/assets/images/transparent.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Content-Length: 71
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/images/wpspin_light.gif
192.254.235.207 200 OK 2.2 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/yith-woocommerce-wishlist/assets/images/wpspin_light.gif
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 16 x 16\012- data
Hash dd4e6dd268a70ce4c1c5143b1a4092dd
e687c07184e17ba103c5c3947988b817ef6af513
6764d1ceca55223d425248b80a02eca133fddb83163a2841c9d84965f44206d3
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/images/wpspin_light.gif HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:54 GMT
Accept-Ranges: bytes
Content-Length: 2209
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/gif
installme.yorkevent.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
192.254.235.207 200 OK 2.5 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:57:42 GMT
Accept-Ranges: bytes
Content-Length: 2545
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/gif
installme.yorkevent.com/wp-content/uploads/2019/05/Picture3-1.png
192.254.235.207 200 OK 241 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/Picture3-1.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 691 x 514, 8-bit/color RGBA, non-interlaced\012- data
Size 241 kB (240689 bytes)
Hash 2d448f2439309531fcb750a3c6e1d5a1
b9b2d12d058d1cab839a01a26c22ba954d4a4184
c51eae01b80dafce37e170d0d87ad6de59ad4c882463c158066f6852ddf824f4
GET /wp-content/uploads/2019/05/Picture3-1.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 19:00:04 GMT
Accept-Ranges: bytes
Content-Length: 240689
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/uploads/2019/05/CCTTV_Kits-04_e1c28c71-b3f7-4c5b-b908-bc2b3449a2fa_1024x1024-1.png
192.254.235.207 200 OK 729 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/CCTTV_Kits-04_e1c28c71-b3f7-4c5b-b908-bc2b3449a2fa_1024x1024-1.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1023 x 1024, 8-bit/color RGB, non-interlaced\012- data
Size 729 kB (728785 bytes)
Hash 149bd83302cb327f480b279ffacd2b09
ddab7aea4c6a1a616398c5e7394cb0935835c1ae
49c7acc7e38269a79c2729c7977a6361b21c09d521d190eddad348ff18063a7c
GET /wp-content/uploads/2019/05/CCTTV_Kits-04_e1c28c71-b3f7-4c5b-b908-bc2b3449a2fa_1024x1024-1.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 18:37:44 GMT
Accept-Ranges: bytes
Content-Length: 728785
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/wp-content/uploads/2019/05/fav.png
192.254.235.207 200 OK 68 kB URL HTTP/1.1 installme.yorkevent.com/wp-content/uploads/2019/05/fav.png
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 529 x 382, 8-bit/color RGBA, non-interlaced\012- data
Hash 898ef041ca60d6b8a363c442c612b034
0d9d2d40aca9199c305a2a646a515498c52068db
2bfc010ef4c75adba5f3de09114cc2b5a0b5ded141a745ca013a7c82ccd28569
GET /wp-content/uploads/2019/05/fav.png HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:32 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 17:14:27 GMT
Accept-Ranges: bytes
Content-Length: 67920
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/png
installme.yorkevent.com/?wc-ajax=get_refreshed_fragments
192.254.235.207 200 OK 266 B URL HTTP/1.1 installme.yorkevent.com/?wc-ajax=get_refreshed_fragments
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (519), with no line terminators
Hash 85b64c3c6aae1e36ec3307e8168902ac
c17066abf216182da7faf3e5c407a889b9b00a15
e81ddb8af57d743b1ca46fc22ac6b4ddb053560475fd41347ef3f9ee257ea8b1
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://installme.yorkevent.com
Connection: keep-alive
Referer: http://installme.yorkevent.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:31 GMT
Server: Apache
Access-Control-Allow-Origin: http://installme.yorkevent.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 266
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic&display=swap&ver=1557422097
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic&display=swap&ver=1557422097
IP 142.250.74.106:0
GET /css?family=Karla:400,700,400italic,700italic%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic&display=swap&ver=1557422097 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://installme.yorkevent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 16:03:29 GMT
date: Sun, 05 Feb 2023 16:03:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
installme.yorkevent.com/wp-content/themes/basel/fonts/Simple-Line-Icons.ttf?v=2.2.2
192.254.235.207 200 OK 0 B URL HTTP/1.1 installme.yorkevent.com/wp-content/themes/basel/fonts/Simple-Line-Icons.ttf?v=2.2.2
IP 192.254.235.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/basel/fonts/Simple-Line-Icons.ttf?v=2.2.2 HTTP/1.1
Host: installme.yorkevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://installme.yorkevent.com/wp-content/themes/basel/style.min.css?ver=4.5.0
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:03:30 GMT
Server: Apache
Last-Modified: Thu, 09 May 2019 15:56:13 GMT
Accept-Ranges: bytes
Content-Length: 53368
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: font/ttf