althyplane.com/wp-admin/ELWa8YcOqlJn/
188.130.25.102302 Found 0 B URL HTTP/1.1 althyplane.com/wp-admin/ELWa8YcOqlJn/
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-admin/ELWa8YcOqlJn/ HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
content-length: 0
location: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
cache-control: no-cache
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10877
Expires: Sat, 21 Jan 2023 12:43:13 GMT
Date: Sat, 21 Jan 2023 09:41:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7082
Expires: Sat, 21 Jan 2023 11:39:58 GMT
Date: Sat, 21 Jan 2023 09:41:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 08:49:37 GMT
content-type: application/json
age: 3139
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5481
Expires: Sat, 21 Jan 2023 11:13:17 GMT
Date: Sat, 21 Jan 2023 09:41:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RtlmmiHEG77c44RydB71Vcy9e+n4lp2/WZBdE726EnL/CLgaavU3vGijFa+7VGakbEVOFuh5QOR8LQ4RbQo76A==
x-amz-request-id: NNXFYS8KZN1C6N4F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 09:17:57 GMT
age: 1439
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 09:41:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash accb429a574a49779807e2e7a4e520ab
be289095bbacf335ad3abd39902e4f484ef1ee1e
af99bad646a7eaf23d3d8964374bdfb81cf180c0205ce56d6d6b039adc44639b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF99BAD646A7EAF23D3D8964374BDFB81CF180C0205CE56D6D6B039ADC44639B"
Last-Modified: Thu, 19 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 21 Jan 2023 15:41:57 GMT
Date: Sat, 21 Jan 2023 09:41:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 09:17:29 GMT
age: 1468
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:41:57 GMT
Last-Modified: Sat, 21 Jan 2023 08:34:42 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F9g7QeTi9kGjEpbpGsW/oA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pIwAWIaCCz4zjp0J25+xKyEifvQ=
althyplane.com/wp-content/plugins/easy-lite-preloader/assets/css/elpl-style.css
188.130.25.102200 OK 883 B URL HTTP/1.1 althyplane.com/wp-content/plugins/easy-lite-preloader/assets/css/elpl-style.css
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (2600), with no line terminators
Hash 5d59e659d3248507dbc80221ea04ee6e
ec6af8390cc1c98c3abea1382864a2b0b50c735c
14f9d624404d0a076134dd13c4cdf45c0d63e6bc0713d41ade484cd2c7b10923
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/easy-lite-preloader/assets/css/elpl-style.css HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:58 GMT
server: Apache
last-modified: Thu, 11 Aug 2022 13:07:13 GMT
etag: "a28-5e5f6d813225e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 883
content-type: text/css
althyplane.com/wp-includes/css/classic-themes.min.css?ver=1
188.130.25.102200 OK 189 B URL HTTP/1.1 althyplane.com/wp-includes/css/classic-themes.min.css?ver=1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:58 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 04:11:38 GMT
etag: "d9-5ec750984e819-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 189
content-type: text/css
althyplane.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
188.130.25.102200 OK 5.5 kB URL HTTP/1.1 althyplane.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (15660)
Hash fd249d77a83bd3d86eec39a9f781f0d9
6f0db150f14435e01fffbbbd5989e7239b61fc4a
a829e94587d925b4354d79960f245e3362f6f49dcf6159fb9755b66047c94bba
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:58 GMT
server: Apache
last-modified: Wed, 25 May 2022 03:35:07 GMT
etag: "48b9-5dfcdc27a25ed-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5523
content-type: application/javascript
althyplane.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
188.130.25.102200 OK 15 kB URL HTTP/1.1 althyplane.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (47826)
Hash 3e893e2807bec1d21af440a8668d839a
8d7a6486b6d2f3d6003b13935620a548c30efb10
eb4261aff57ef6f13ccbeecfab74a3ea3ed71f4d872ef3c1a108ac7ff96c85ad
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:58 GMT
server: Apache
last-modified: Wed, 16 Nov 2022 03:39:44 GMT
etag: "172a9-5ed8e392e2745-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14912
content-type: text/css
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4578
Expires: Sat, 21 Jan 2023 10:58:17 GMT
Date: Sat, 21 Jan 2023 09:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4578
Expires: Sat, 21 Jan 2023 10:58:17 GMT
Date: Sat, 21 Jan 2023 09:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4578
Expires: Sat, 21 Jan 2023 10:58:17 GMT
Date: Sat, 21 Jan 2023 09:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4578
Expires: Sat, 21 Jan 2023 10:58:17 GMT
Date: Sat, 21 Jan 2023 09:41:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3193eab-6c48-4dde-bbaf-b719037166b6.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3193eab-6c48-4dde-bbaf-b719037166b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 117e54579fa4a1f0f394f8aace6e39ae
26503673cacf3e925d8ba27150dc42e6f0b7e08c
6a1748bb0306ebe366de8399ed71737c4f47b87dd1b213634289d6362b3bc3c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3193eab-6c48-4dde-bbaf-b719037166b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6569
x-amzn-requestid: 147b81e3-726d-442b-ad2e-18ee04cc1583
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6xgmFOpoAMF0Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c762d0-754855cf11055b2f57c9c448;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _82f4lTRtAHufs3-QeVhRq3Jddszm53yQCCjVAMNt49Iahq0BKrzUQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 06:11:56 GMT
age: 12603
etag: "26503673cacf3e925d8ba27150dc42e6f0b7e08c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa786854fde0d99189b458067b9d9418
ddf0fb650816b969d53d6e32ae31074bcb7e944e
a3d08b87658f756aa2f9e3072e87d52db30884aa6b6ab0cd8b278d0c870db2b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7000
x-amzn-requestid: 05354e13-330d-40fc-9a96-ac345cfc80f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BN9HBgoAMF9Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648bf-146e89a423565a04139b19cb;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JPr1Q54hGh5TxVRUTIHXPEviHADCGwqbU5WDd7B4JubG6ZiRG1Yr4Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:28:23 GMT
age: 8016
etag: "ddf0fb650816b969d53d6e32ae31074bcb7e944e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893ea518ea7c11ec06ffea60b2ee7921
34675a13bbac6abd1b087e546425e141215cf072
675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: reROJ7ha0LKGWpSMN0ioNVaIrIEhJUn_cfprHVZlfyY7jBoFyKh0rw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 13:48:55 GMT
age: 71584
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: 67ff0d3d-ed43-4269-92f4-c3eb5445e9c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyBEhzIAMFnCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-27c6ebf6450d0e3275dad906;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8-aCSDcxTLree8fsGCxZEqY0272fNcqQEtHJ7aVAO6XjQRmjZXgqdw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:18:04 GMT
age: 15835
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a43120101d55af4d7d2cb93aa3f81560
2c1443887c1e4a85ad794f463fc947a97486e091
055cd52ec7c883a67e521fba820e80cbbf8ecb59343f6d48ba5e5d9b22bfddcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7895
x-amzn-requestid: 3ae300df-5e6c-4c70-a8ed-1475b7580b9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlxaEz2IAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21cd5-1b0ce13023f3ada1112870db;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:09:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ffjveHMubnwvTvS4AC0uHyf1hCYDHluCS3oxM25bE5U1sbjD65Gjcw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:49:35 GMT
age: 42744
etag: "2c1443887c1e4a85ad794f463fc947a97486e091"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cxuHpm9vR0_DvHdEtR5p5eRRNAFgCrOTnak0RsH3OeCccehhurKhJA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 01:38:03 GMT
age: 29036
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
althyplane.com/wp-content/themes/kava/style.css?ver=2.1.4
188.130.25.102200 OK 4.8 kB URL HTTP/1.1 althyplane.com/wp-content/themes/kava/style.css?ver=2.1.4
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (698)
Hash c8c6f2b7ae83ababb726a9c7e93e5c71
3671ec8ac5e19a33ee83428acb5591de3d476b74
d477732133c7087e1550d86e424cbc78c474df5d08b3ba89a36cacf35f09e4d8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/kava/style.css?ver=2.1.4 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Mon, 02 May 2022 08:38:48 GMT
etag: "6a9a-5de0352336a14-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4829
content-type: text/css
althyplane.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
188.130.25.102200 OK 1.0 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash 8c5101cf326d40bd98df98a8d0c0519e
6e81a81ba411ac3f3ef44123ccbeb994c1363f84
7297a73ebadada2be39b896862257140781c6f221c08906553ae463a68ab290e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:22:10 GMT
etag: "aab-5df6edd00a9fe-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1028
content-type: text/css
althyplane.com/wp-content/themes/contractor/style.css?ver=2.1.4
188.130.25.102200 OK 1.3 kB URL HTTP/1.1 althyplane.com/wp-content/themes/contractor/style.css?ver=2.1.4
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash 780dbb11bb2645417b9adec244c8940d
dec7435fb927dca2f2a9ba2427356ab68b68d1bb
ea3b1a7168b6e70cab4c678fa39781de5c0ab68ee0629557d739dc98a5c9fd94
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/contractor/style.css?ver=2.1.4 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Fri, 20 May 2022 09:16:48 GMT
etag: "1c08-5df6df33788b7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1252
content-type: text/css
althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
188.130.25.102200 OK 7.8 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (30837)
Hash 531520c6b62996e425e71677e7c669f8
e61f0f20ac9c3e06b2a6110b1380cc1a1db9f3f0
dbcbacf75752afd0beb201851a11976f99375bd8fe637dfc0b289b4388ce6fda
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:54 GMT
etag: "7917-5df6ea6630da3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7777
content-type: text/css
althyplane.com/wp-content/themes/kava/theme.css?ver=2.1.4
188.130.25.102200 OK 13 kB URL HTTP/1.1 althyplane.com/wp-content/themes/kava/theme.css?ver=2.1.4
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash 557455a41999815d6342377fa211cad3
a6acc1879658d37e36cff74298ed1856cdc6520e
bb20c30b7c83da3ab079462ef6a949d759f7b32c61048d96bebde448f2b77fcb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/kava/theme.css?ver=2.1.4 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Mon, 02 May 2022 08:38:45 GMT
etag: "11902-5de0352018092-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12626
content-type: text/css
althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
188.130.25.102200 OK 4.6 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (26516)
Hash 0a5db1971fb28d6574555fa419b98b29
ea2a03dc8645cf6f05965c5c44ebde3511bdbe3a
4aea8d79474adc94bdcf2ae91cbc201f04b9c457019b74a9cc46a97bfdf24444
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:21 GMT
etag: "684e-5df6f48ea74a4-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4632
content-type: text/css
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
188.130.25.102200 OK 14 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (56994)
Hash eb6abb1cf5de576042b28aa707b0d0da
9793f607ef137cac95018fa1b5e5c1242e6000c3
8ac73a488995f9d71df48d3779a82e2a00f5a7317f6f57496ab0a5cb31dafd65
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:21 GMT
etag: "df5c-5df6f48e93832-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13754
content-type: text/css
althyplane.com/wp-content/themes/kava/inc/modules/blog-layouts/assets/css/blog-layouts-module.css?ver=2.1.4
188.130.25.102200 OK 14 kB URL HTTP/1.1 althyplane.com/wp-content/themes/kava/inc/modules/blog-layouts/assets/css/blog-layouts-module.css?ver=2.1.4
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 936829b4cdb1987825e1cb8da1939514
9413a345008cb1569c2a1563b04f1247f65b89a3
8bc0a646b509f304c8f218ae7b26dbde9d88edc2fdd1e92cb3175cc782b543d5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/kava/inc/modules/blog-layouts/assets/css/blog-layouts-module.css?ver=2.1.4 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Mon, 02 May 2022 08:40:14 GMT
etag: "24b19-5de035749141c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14536
content-type: text/css
althyplane.com/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.1.7
188.130.25.102200 OK 7.7 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.1.7
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8568588662b46aeabcbefdb708e610e5
0954f6c5c69adfbc0fab8bdfb4ee2be93e207b5d
9d75544b1dca9f4a645e5cb23ed27d12f3c9119ef9ae499490f7c203fbc064ed
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.1.7 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:20 GMT
etag: "13801-5df6f48e3f889-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7661
content-type: text/css
althyplane.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
188.130.25.102200 OK 4.4 kB URL HTTP/1.1 althyplane.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (11126)
Hash 24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Wed, 16 Mar 2022 15:12:40 GMT
etag: "2bd8-5da57583052b6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4405
content-type: application/javascript
althyplane.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
188.130.25.102200 OK 1.1 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (11736)
Hash 0245325e4441943aa0d5c94f5ab31df8
07b72ab29da491f27775ecf63265156dd0c14919
a79c04c103520c9b23092af8d2bcb9f5bb4ad1d0bdea4b1fbcfba90a2e7ae3fa
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:51 GMT
etag: "2dff-5df6ea637bfa2-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1127
content-type: text/css
althyplane.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
188.130.25.102200 OK 34 kB URL HTTP/1.1 althyplane.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65447)
Hash cd21f355e6304704e2cb9eef61f69aa3
ee985d01dff7c459092822e410abbcd931d8d034
bf2281bc7411707eaabea35da78474c33d8ff475bbefcba3ebd4c5ed771a19fc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:41:59 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 04:11:39 GMT
etag: "15e54-5ec75098e2f1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 34122
content-type: application/javascript
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.1.1
142.250.74.138200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.1.1
IP 142.250.74.138:0
Hash 34f19b5a2dd6f1fb1034db141e1bf7e0
1f28ae32c2e06c96879a1ffdc2792c2e2b68e239
6e5e6196808ee99d6fc5440cb9020f5db2b9d4d10f22b48aa6043bebc9267a0f
GET /css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://althyplane.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 21 Jan 2023 09:41:59 GMT
date: Sat, 21 Jan 2023 09:41:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
althyplane.com/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.3.2
188.130.25.102200 OK 5.7 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.3.2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (41372)
Hash 5aabf53a4f3602650371629bfdf68e87
a9927b2062ec208451db998ef393a3c83035488c
4f16fa5c9a41ea183e39a4b765756dbb49191c3a1995303cd4798401bb25991a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.3.2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:50:37 GMT
etag: "a19d-5df6f42b82711-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5659
content-type: text/css
althyplane.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.6.5
188.130.25.102200 OK 27 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.6.5
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd36b85e0617ba07d9fd0f917cafd210
5631a87beef06ffd98513c588e62f654e70e3cbf
ad6d289243c84474b01cf68b6e1c88f83d7b08178019066e0a44ad5c9f0d7a08
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.6.5 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:51:13 GMT
etag: "38e1f-5df6f44dcbd3f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 26973
content-type: text/css
althyplane.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.5
188.130.25.102200 OK 3.4 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.5
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (17467)
Hash 7e388ccdd964a2238f31d889b5bc2990
9d5e7e9ce98b4cad6d3fafdfbc090452b40843c4
74aaab0de504b12178d4b5254abe24ba10338009b42704cf4342dfa682075995
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.5 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:51:13 GMT
etag: "443c-5df6f44dca1cf-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3403
content-type: text/css
althyplane.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
188.130.25.102200 OK 4.3 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (19082)
Hash dad4ff3760a11a8cc25cd46877a4b85d
ecd225ee9665a235ab689d98a96c4242a4d2e297
b1131bcd187b4b83911e412ae14589f321cb71a1562a4d1995e07af7ca27b5ab
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:54 GMT
etag: "4ab8-5df6ea65cacc3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4314
content-type: text/css
althyplane.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.5
188.130.25.102200 OK 17 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.5
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65497)
Hash fea5ff60476002c75fa7947b9e88e369
a6ac22b4b39dddc3e32bacdb4556f3417565968f
7aed29af39a931b43e19c013851cf1a8e7a3f2b8f25023f56e537c7a0a24827f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.5 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:51 GMT
etag: "1a592-5df6ea6353719-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 16553
content-type: text/css
althyplane.com/wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0
188.130.25.102200 OK 20 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash 18ec8981905520387c757d139e528777
e9d4b057e43fc7ab4611a312f7c9836c4b8bb51f
d2273239918c4c33c759f57405edb1d7e26c6193617c520e111d02353d4f83f9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:50:24 GMT
etag: "218a4-5df6f41edbe7a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20168
content-type: text/css
althyplane.com/wp-content/uploads/2022/05/logo-FOOTER-althyplane-Althy-blanc.png
188.130.25.102200 OK 16 kB URL HTTP/1.1 althyplane.com/wp-content/uploads/2022/05/logo-FOOTER-althyplane-Althy-blanc.png
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type PNG image data, 261 x 122, 8-bit/color RGBA, non-interlaced\012- data
Hash 27300c28deb17ed32b2daa4ed09366d2
ec99036aa13ba0149765dfc4ac20f41b4dce2642
39e3a3d01200bdbfcc5595eeb0810b801832e45f7857b47caab24d9c1cf60f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/05/logo-FOOTER-althyplane-Althy-blanc.png HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 14:07:21 GMT
etag: "3fe6-5df7202543118"
accept-ranges: bytes
content-length: 16358
vary: User-Agent
content-type: image/png
althyplane.com/wp-content/uploads/2022/05/logo-HEADER-althyplane-Althy-blanc.png
188.130.25.102200 OK 17 kB URL HTTP/1.1 althyplane.com/wp-content/uploads/2022/05/logo-HEADER-althyplane-Althy-blanc.png
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type PNG image data, 306 x 143, 8-bit/color RGBA, non-interlaced\012- data
Hash a8d62d62ae4ec4148deb854f4add9cb5
6a15c5f27f0c4fa8378ba8939e85721e0428aa59
c0a2cf62c170668ee50aff4b6a576cf60aacec4afadaf4bfe4a205f0ff305de4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/05/logo-HEADER-althyplane-Althy-blanc.png HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 14:07:24 GMT
etag: "41d3-5df72027cf2c7"
accept-ranges: bytes
content-length: 16851
vary: User-Agent
content-type: image/png
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 10:26:49 GMT
expires: Sun, 14 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 602111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 223686
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 01:49:59 GMT
expires: Sat, 20 Jan 2024 01:49:59 GMT
cache-control: public, max-age=31536000
age: 114721
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/webfonts/fa-solid-900.woff2
188.130.25.102200 OK 76 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type Web Open Font Format (Version 2), TrueType, length 76084, version 330.-16253\012- data
Hash f6121be597a72928f54e7ab5b95512a1
b2c74520c3f506efbfefca867918e5ae28bd5222
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:21 GMT
etag: "12934-5df6f48ef7dc5"
accept-ranges: bytes
content-length: 76084
vary: User-Agent
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 10:14:57 GMT
expires: Thu, 18 Jan 2024 10:14:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
age: 257223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
althyplane.com/wp-admin/ELWa8YcOqlJn/
188.130.25.102404 Not Found 123 kB URL HTTP/1.1 althyplane.com/wp-admin/ELWa8YcOqlJn/
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32905)
Size 123 kB (123292 bytes)
Hash 3a4ddae2d75e5164e711419e536d13e8
0087a879ba12a514cfa0cfd629a73b63ea6b990d
0a549fd24b51240870b3be5db2396da81835be8af2a03fc5e15a1ed2cc4aaa7b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-admin/ELWa8YcOqlJn/ HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
date: Sat, 21 Jan 2023 09:41:57 GMT
server: Apache
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=2592000
permissions-policy: geolocation=(self)
content-security-policy: default-src 'unsafe-inline' 'self' www.google.com www.gstatic.com fonts.googleapis.com assets.seedprod.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' data: ld-wp73.template-help.com secure.gravatar.com;
link: <https://althyplane.com/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=6330017219b9e65f7c54343594222630; path=/
WEBMO-MNO=11124|Y8uza|Y8uza; path=/; HttpOnly; SameSite=Strict
althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
188.130.25.102200 OK 14 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (57726)
Hash 6beeb00492b17f60469fffd6235ac053
2cb41c0b11e13f880fc6e45c70d90c84f0c85db8
ee4ce52a73d54a2228265d719338c0853e6549877d0eb182ba8c28ece6f38d21
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:54 GMT
etag: "e238-5df6ea66334a8-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13976
content-type: text/css
althyplane.com/wp-content/plugins/easy-lite-preloader/assets/js/elpl-script.js
188.130.25.102200 OK 802 B URL HTTP/1.1 althyplane.com/wp-content/plugins/easy-lite-preloader/assets/js/elpl-script.js
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (2068), with no line terminators
Hash 903bb05b64866d0aa75346e749eaabc7
3d38d39bd36ccba83ceff714100953d871536d64
e08f79616aa7624fb6f11efe5dafd96497bb678d8178e75505e07af59e34f631
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/easy-lite-preloader/assets/js/elpl-script.js HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Thu, 11 Aug 2022 13:07:13 GMT
etag: "814-5e5f6d8145ecd-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 802
content-type: application/javascript
althyplane.com/wp-content/plugins/jet-blog/assets/css/jet-blog.css?ver=2.2.17
188.130.25.102200 OK 12 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-blog/assets/css/jet-blog.css?ver=2.2.17
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65536), with no line terminators
Hash b81d9e2a04aa02a372d77082eb0d67d5
6577e99cf77458479a9bbe67b731e8763794c758
3cd6caf8c5e9a773f74d5af9b63d5277e212e83735680a59a7a48093f9bac46c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-blog/assets/css/jet-blog.css?ver=2.2.17 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:50:54 GMT
etag: "1cb4e-5df6f43c2b5b4-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11738
content-type: text/css
althyplane.com/wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.4.1
188.130.25.102200 OK 3.6 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.4.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (26810)
Hash 4e4837fdd5906a3421cde79cf91f782c
e3bc666db4444d32bab0db958bdc7b09070480db
a8ebb615fdb991da2bb073a6d5b128f4c46809a5dc5c50ce4f79be8d17fbd6cd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.4.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:02 GMT
etag: "68bb-5df6f47c58fcf-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3603
content-type: text/css
althyplane.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
188.130.25.102200 OK 2.6 kB URL HTTP/1.1 althyplane.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (6475), with no line terminators
Hash cba765ca076cb13c7678f0293fb8a3da
98430a0a3db9c19a16f6940750a6738c4d00f962
f68a3fba394baf3508e7987049a6037d9f3e212dc9698976df9fbeb5703379ab
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Wed, 25 May 2022 03:35:03 GMT
etag: "194b-5dfcdc23ea76b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2581
content-type: application/javascript
althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
188.130.25.102200 OK 312 B URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (483)
Hash 1a5f57a3c279130e5385dc23c63480ca
495d0b9326b42d552932276b815779bbc09d7083
6f5b533f1629e50e5fe7e2e9ede37072b0f9d65e439d0d56d43daa4373d1d745
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:54 GMT
etag: "29d-5df6ea663c531-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 312
content-type: text/css
althyplane.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
188.130.25.102200 OK 7.0 kB URL HTTP/1.1 althyplane.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash b4a70dc1cbab139e5c134567c695c56c
9956a9b64eaa0f5e5d3b88476479ed5d54d7a402
01982bec09be80973aca5b43dc0cfa5208c15bc2a4f7406edbee25cc6d5f7a8f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 04:11:38 GMT
etag: "459f-5ec7509863428-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6964
content-type: application/javascript
althyplane.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
188.130.25.102200 OK 3.5 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 166915ea03529ad614e726271e24131f
b7c07cf3db2ac4676ce67733bd14dd01fe3ac012
fba99b39e4202fec3919a140609af8fc0a25a7a19034dee31db57d9a39772470
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:22:11 GMT
etag: "25f8-5df6edd050ef7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3484
content-type: application/javascript
althyplane.com/wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.4
188.130.25.102200 OK 1.9 kB URL HTTP/1.1 althyplane.com/wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.4
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash c5112146ec33237fc8ba0de6b5f75140
fa612ce18a559b6764539d340858d22f33ce716b
ebfcc2de7a8b3faf5ece8d4960270337ffe92384267bb120ed9831d0381fe5a7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.4 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Mon, 02 May 2022 08:39:06 GMT
etag: "14e2-5de0353467c3f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1862
content-type: application/javascript
althyplane.com/wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.1.7
188.130.25.102200 OK 12 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.1.7
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type HTML document, Unicode text, UTF-8 text, with very long lines (2070)
Hash 7be3a7861f6088f9ca430b08c165b43f
5b5f4133b3a1bd5817cff8fee052aa99558d32d9
333e42bff4bf2b463f633d430770c9dc22b8a88a1c487254970e3d6ae7946e90
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.1.7 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:20 GMT
etag: "c9d4-5df6f48e4a836-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11827
content-type: application/javascript
althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11
188.130.25.102200 OK 37 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65449)
Hash 812e4ee899fb954a1d4b4533d97b979b
a6567bc7966ae4137fd2a5734ad4de86b602618d
5045c86e999c53f17d001bd91fcfa39e39fad685d447e3f1457527aaedf07b27
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:21 GMT
etag: "16de6-5df6f48f00670-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 37096
content-type: application/javascript
althyplane.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6.1
188.130.25.102200 OK 517 B URL HTTP/1.1 althyplane.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (999), with no line terminators
Hash 6b13d85c4e8a4f11ebfcfe0d25413b30
fc4f796200f30834cdca0da811677e9a7ac25fff
b8e49065b5068504b9f362f1c99c1f0df3b8acf689130cc64175f093cb52cbd5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:22:11 GMT
etag: "3e7-5df6edd097019-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 517
content-type: application/javascript
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
142.250.74.35200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 12:50:52 GMT
expires: Thu, 18 Jan 2024 12:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
age: 247868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
althyplane.com/wp-content/plugins/jet-blocks/assets/js/lib/jsticky/jquery.jsticky.min.js?ver=1.1.0
188.130.25.102200 OK 589 B URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-blocks/assets/js/lib/jsticky/jquery.jsticky.min.js?ver=1.1.0
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (1282), with no line terminators
Hash 5e0d7963a4685b1b68ed5f44ce721c86
c65beb8053b0528e7e4387b9f902e03bb0583482
f35a6c86653f22fdf7c282451a3b6c02557a7087860abb259fa254a2c33275d3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-blocks/assets/js/lib/jsticky/jquery.jsticky.min.js?ver=1.1.0 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:50:37 GMT
etag: "502-5df6f42b9d4bc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 589
content-type: application/javascript
althyplane.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
188.130.25.102200 OK 717 B URL HTTP/1.1 althyplane.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (1464)
Hash de31b0055a32e4b7e0a9c4f37c4533a6
38f97c027e37296f65e17123d1c447e4c09cae4c
f98f2bb301525e484836fd100cc812290214082296f0d19ce77e340404c38d8b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Wed, 25 May 2022 03:35:07 GMT
etag: "5db-5dfcdc2799180-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 717
content-type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 95631
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
althyplane.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5
188.130.25.102200 OK 2.3 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (4921)
Hash 2e26cd9286cd02e16e63b1020abae8b8
0e66672437e3a8cd19a192e0d60c9841ad58fb2f
a60e5692b9d7529bda9b98a619797003918f3768210a061762811c1503cfe393
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:53 GMT
etag: "1360-5df6ea65332fd-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2256
content-type: application/javascript
althyplane.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
188.130.25.102200 OK 3.3 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (12198), with no line terminators
Hash e7e06a56acbe48a5e94540829d446734
a62e3d7ea0dbd0a3e771f419377882aee5512e67
42ba07f11715edb58a365296c32ae85230bb28f164a34f561f295cbceb1f5981
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:55 GMT
etag: "2fa6-5df6ea6781849-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3281
content-type: application/javascript
althyplane.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5
188.130.25.102200 OK 4.9 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (14238)
Hash 4d5a81f21239cde53e1874dd31bdd890
99c54b3efe24c30d32333c7cb15d5d0c2c98aaaf
97c8919c821ed10158adbff4eae15dc687d3ff517503e97a66e6a930d74b5d27
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:53 GMT
etag: "37c5-5df6ea64eb293-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4949
content-type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
142.250.74.35200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17552, version 1.0\012- data
Hash d2ba19a6a5f50390a2615d53c5053252
54fffeccd72a30cee0c4915a1dbade016c7c2a3e
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 14:49:58 GMT
expires: Wed, 17 Jan 2024 14:49:58 GMT
cache-control: public, max-age=31536000
age: 327122
last-modified: Wed, 11 May 2022 19:25:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
142.250.74.35200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17728, version 1.0\012- data
Hash 9d09d1df90538b11770ec5f593b6d792
6e117eeeda54f443063becf094332b362e19abb8
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
GET /s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 14:05:36 GMT
expires: Wed, 17 Jan 2024 14:05:36 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:10:29 GMT
content-type: font/woff2
age: 329784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
althyplane.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
188.130.25.102200 OK 7.6 kB URL HTTP/1.1 althyplane.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 5005ee3cc370bc97787c6eb31eb254b3
e979f38a9a6582dc08c0f32992b4e458b5062e9a
319410655f7c5f03497a9f1ee3d575a9c518d89ca19781492f23e9ac15d90d13
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 04:11:39 GMT
etag: "53c0-5ec75098b8766-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7637
content-type: application/javascript
althyplane.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.2
188.130.25.102200 OK 4.3 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (15704), with no line terminators
Hash 46e9a5094ce1674c2ef9709d183e0f61
28b7847fdc53526b1dcf78a1e81bbbd47a9cc49b
b995bc9df8832e7af1087244d2451a56b4bdea3cb99109ac248ddfa400e7b9a2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:50:37 GMT
etag: "3d58-5df6f42ba78de-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4325
content-type: application/javascript
althyplane.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.5
188.130.25.102200 OK 12 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.5
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (37702)
Hash bc4fd7c1280d277d292304b673c9fd9d
132be96113bec711a4b5be163ea5231656a766e1
b26231810899f5743ec63e300d83b0d503987ceded62734f93ed32230c013461
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.5 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:53 GMT
etag: "936d-5df6ea64e7427-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12111
content-type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 34a6ffa8918b00f3f6d21bd90db799f4
6573697e6488b07ba3551ca7fea9b89220494b3a
dff7862c0cfa5ae27f6e8daef94bf0cd05000b667dbabd62a673ec0354e4873b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
althyplane.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2
188.130.25.102200 OK 7.1 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (18506)
Hash c13d27e021f238a7f63620c29ecf5cda
f758b3532b09309e7fb5291a20cd44a1d0131fc9
c56d52789141b7d73211fb49335bc03b63c67478ac749fe372b95d37d781890c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:02 GMT
etag: "487a-5df6f47c8df77-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7089
content-type: application/javascript
althyplane.com/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.1.7
188.130.25.102200 OK 3.7 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.1.7
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (2070)
Hash 40892fb103fe0b77adab6c9dc192923f
775d023777da2ae16c0763e4f5d78b0c8126aeeb
7f85ca1fc613cabd2cc5364b5ad739af6f744b27a2b3bd2b7fa3be9e90eba7a9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.1.7 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:22 GMT
etag: "2c5b-5df6f48f7b349-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3684
content-type: application/javascript
althyplane.com/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.1
188.130.25.102200 OK 6.5 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
Hash dfc707d3ea643816ffc7c544f938eecb
286a29a54a037dd10a70cd324624790ce467d7bf
16c64bcdb49839eaf2520ef1060420700157d9c01165b42cc309babd4c5dc633
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:02 GMT
etag: "663e-5df6f47c9ba49-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6466
content-type: application/javascript
www.google.com/recaptcha/api.js?render=6Lf--KshAAAAAA89CmOTSvEiANmZOUZg7wPbwsot&ver=3.0
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lf--KshAAAAAA89CmOTSvEiANmZOUZg7wPbwsot&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 8b5762f86892827d922b879179322d16
ee688c9cd498dd81a28798d130e548caf737483e
ad72b2381d2d3181f22c0bf3c2919d32f9643c356bde6b8e6fdbf46e9c568699
GET /recaptcha/api.js?render=6Lf--KshAAAAAA89CmOTSvEiANmZOUZg7wPbwsot&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://althyplane.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 21 Jan 2023 09:42:00 GMT
date: Sat, 21 Jan 2023 09:42:00 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
althyplane.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.5
188.130.25.102200 OK 26 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.5
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4d1d5439840a850c7d02253b52f05403
24cc9e173de2feb92912232500a18b74f513a764
e095195af020ba30f8f0060e0575aa75eb044c4e2d789c712ec0e6351dcabc0f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.5 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:51:14 GMT
etag: "1184f-5df6f44ef7269-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 25615
content-type: application/javascript
althyplane.com/wp-content/plugins/jet-blog/assets/js/jet-blog.min.js?ver=2.2.17
188.130.25.102200 OK 3.6 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-blog/assets/js/jet-blog.min.js?ver=2.2.17
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (11537), with no line terminators
Hash ab8d7ca9ba362ce5566ff1c978cbdc0c
9237b8fc618e6c95844223d81f42348e40db73ca
314286026a9b6e11dc7358e96a35c75186f4ffe0331a72477696b6bcb7638d71
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-blog/assets/js/jet-blog.min.js?ver=2.2.17 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:50:54 GMT
etag: "2d11-5df6f43c4923a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3624
content-type: application/javascript
althyplane.com/wp-content/uploads/2022/08/load_althyplane.svg
188.130.25.102200 OK 593 B URL HTTP/1.1 althyplane.com/wp-content/uploads/2022/08/load_althyplane.svg
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash ec7a215a9e5277bf280b013aae6236e1
ae3bdd44528339d3c623140b38efad1520d02c64
4d620c6ba46288440c2b72dbf53f4060f88966a86ff81061096e5d98a1bc10c8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2022/08/load_althyplane.svg HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Thu, 11 Aug 2022 12:41:01 GMT
etag: "251-5e5f67a67ee57"
accept-ranges: bytes
content-length: 593
vary: User-Agent
content-type: image/svg+xml
althyplane.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1
188.130.25.102200 OK 21 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type Unicode text, UTF-8 text, with very long lines (1407)
Hash e05ee3f058132861c0d10df977aae818
e4be7303569b1df89bd8b02ff7c92c486d3039c4
1868b5a0cab36e8ad557935e19328a0311662b599e86e1cddbe4ace6c402024a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:52:02 GMT
etag: "13099-5df6f47c8febf-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20931
content-type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 9046bdd3634f2cfb8ace7c326c4af05f
d92d1610bbcc211f0648ec87b5aee6a562f606db
eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
188.130.25.102200 OK 78 kB URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://althyplane.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:55 GMT
etag: "13174-5df6ea66ec1b4"
accept-ranges: bytes
content-length: 78196
vary: User-Agent
althyplane.com/wp-content/uploads/2022/05/Picto-Favicon.png
188.130.25.102200 OK 5.6 kB URL HTTP/1.1 althyplane.com/wp-content/uploads/2022/05/Picto-Favicon.png
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e3dab4a3791d2d942d39246103822b5
b46dd8ce96a3fb6c53268c9a388dcdad724ce624
689c755241dc53cbb9edc19225613d66d225f9d1f3574f4bbab24bea24b63067
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/05/Picto-Favicon.png HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:00 GMT
server: Apache
last-modified: Fri, 20 May 2022 14:07:27 GMT
etag: "15cd-5df7202a73afd"
accept-ranges: bytes
content-length: 5581
vary: User-Agent
content-type: image/png
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
216.58.211.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://althyplane.com
Connection: keep-alive
Referer: https://althyplane.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 324042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
althyplane.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
188.130.25.102200 OK 670 B URL HTTP/1.1 althyplane.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
IP 188.130.25.102:0
ASN #35393 CTS Computers and Telecommunications Systems SAS
File type ASCII text, with very long lines (1316)
Hash 01c2e3076da579ecfeb5a0b6571f212f
2eac02360c148ac65622c334897c232231ae613c
3cc0b956453f04a6a1176b2690ce21c334cf982bf7a3c8b6a192fc87c8ea2163
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: althyplane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://althyplane.com/wp-admin/ELWa8YcOqlJn/
Connection: keep-alive
Cookie: PHPSESSID=6330017219b9e65f7c54343594222630; WEBMO-MNO=11124|Y8uza|Y8uza
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 09:42:01 GMT
server: Apache
last-modified: Fri, 20 May 2022 10:06:53 GMT
etag: "54b-5df6ea6513b06-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 670
content-type: application/javascript
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 129238
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:40:43 GMT
expires: Fri, 19 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 147678
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2