Overview

URL gyopareszpresszo.hu/aet/index.php?qbot.zip
IP 185.111.89.170 (Hungary)
ASN #51013 WebSupport s.r.o.
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-18 21:02:09 UTC
IDS alerts 0
Blocklist alert 141
urlquery alerts No alerts detected
Tags None

Domain Summary (23)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.comodoca.com (1) 1696 2012-05-21 07:01:17 UTC 2021-12-08 16:29:47 UTC 104.18.32.68
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-18 18:56:50 UTC 142.250.74.168
fonts.gstatic.com (6) 0 2014-09-09 00:40:21 UTC 2022-11-18 14:58:55 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
pixel.barion.com (1) 270087 2019-06-18 20:15:35 UTC 2022-11-15 13:11:48 UTC 172.66.42.214
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-18 05:27:45 UTC 34.117.237.239
c0.wp.com (14) 6988 2018-09-24 15:59:05 UTC 2022-11-18 06:23:22 UTC 192.0.77.37
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-18 20:54:38 UTC 142.250.74.10
pixel.wp.com (1) 2545 2017-01-30 05:31:40 UTC 2022-11-18 06:04:11 UTC 192.0.76.3
i1.wp.com (2) 6037 2012-09-27 05:17:34 UTC 2022-11-18 07:06:17 UTC 192.0.77.2
static.xx.fbcdn.net (18) 661 2012-12-01 13:12:13 UTC 2020-04-26 08:40:46 UTC 31.13.72.12
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-18 05:29:52 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
gyopareszpresszo.hu (59) 0 2020-08-18 21:17:34 UTC 2022-11-18 03:40:27 UTC 185.111.89.170 Unknown ranking
i0.wp.com (1) 3021 2013-09-17 06:14:42 UTC 2022-11-18 06:09:48 UTC 192.0.77.2
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.253.170
i2.wp.com (1) 5618 2017-01-30 05:03:40 UTC 2022-11-18 06:12:06 UTC 192.0.77.2
connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
stats.wp.com (1) 2711 2017-01-30 05:06:59 UTC 2022-11-18 06:04:10 UTC 192.0.76.3

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-18 2 gyopareszpresszo.hu/aet/index.php?qbot.zip Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/css/base/gutenberg- (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11 Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/wp-file-upload/css/wordpress_file_up (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/wp-file-upload/vendor/jquery/jquery- (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/wp-file-upload/css/wordpress_file_up (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/wp-file-upload/vendor/jquery/jquery- (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/cookie-notice/css/front.min.css?ver= (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/woo-min-max-quantity-step-control-si (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/css/jetpack/widgets (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/js/navigation.min.j (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/caxton/assets/caxton-utils.min.js?ve (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/ml-slider/assets/sliders/flexslider/ (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/woo-min-max-quantity-step-control-si (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/js/footer.min.js?ve (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/style.css?ver=2.7.0 Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/css/woocommerce/woo (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/js/skip-link-focus- (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/js/vendor/pep.min.j (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/wp-file-upload/js/wordpress_file_upl (...) Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2 Malware
2022-11-18 2 gyopareszpresszo.hu/wp-content/plugins/ml-slider/assets/sliders/flexslider/ (...) Malware
2022-11-18 2 gyopareszpresszo.hu/aet/?qbot.zip Malware

mnemonic secure dns
Scan Date Severity Indicator Comment
2022-11-18 2 gyopareszpresszo.hu Sinkholed

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-18 2 gyopareszpresszo.hu Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.111.89.170
Date UQ / IDS / BL URL IP
2022-12-03 09:54:05 +0000 0 - 0 - 1 dev.tekt.hu/ 185.111.89.170
2022-11-18 21:02:09 +0000 0 - 0 - 141 gyopareszpresszo.hu/aet/index.php?qbot.zip 185.111.89.170
2022-11-17 22:43:10 +0000 0 - 0 - 5 monalinedesign.hu/ie 185.111.89.170
2022-10-27 02:29:25 +0000 0 - 0 - 4 monalinedesign.hu/ie/qbot.zip 185.111.89.170
2022-10-27 01:58:24 +0000 0 - 0 - 4 monalinedesign.hu/ie/qakbot.zip 185.111.89.170


Last 5 reports on ASN: WebSupport s.r.o.
Date UQ / IDS / BL URL IP
2023-02-08 00:19:55 +0000 0 - 0 - 6 auth-dkb-online.de/DKB/banking/ 37.9.175.172
2023-02-05 12:24:07 +0000 0 - 1 - 0 www.fiio.hu/ 185.111.89.253
2023-02-05 08:25:14 +0000 0 - 1 - 27 poistenie-deti.sk/ 37.9.175.132
2023-02-04 15:17:10 +0000 0 - 0 - 1 www.peterbarsony.com/userfiles/files/free-rob (...) 37.9.169.17
2023-02-02 08:25:23 +0000 0 - 0 - 29 poistenie-deti.sk/ 37.9.175.132


Last 1 reports on domain: gyopareszpresszo.hu
Date UQ / IDS / BL URL IP
2022-11-18 21:02:09 +0000 0 - 0 - 141 gyopareszpresszo.hu/aet/index.php?qbot.zip 185.111.89.170


No other reports with similar screenshot

JavaScript

Executed Scripts (94)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (137)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4521
Cache-Control: max-age=139474
Date: Fri, 18 Nov 2022 21:01:54 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 11:46:28 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16085
Expires: Sat, 19 Nov 2022 01:29:59 GMT
Date: Fri, 18 Nov 2022 21:01:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 20:45:03 GMT
cache-control: public,max-age=3600
age: 1011
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3295
Expires: Fri, 18 Nov 2022 21:56:49 GMT
Date: Fri, 18 Nov 2022 21:01:54 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: kXFGKSrV9Uz3gtdQSpRsdsKg3EPDaWA6+0M2yRxuB/8PzSjiQr/1PJMXheTiaNB0BR/Tgxpn49o=
x-amz-request-id: Q8QS4T8KNFVASYEW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 20:53:04 GMT
age: 530
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 18 Nov 2022 21:01:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 21:01:54 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 05:51:01 GMT
Expires: Fri, 25 Nov 2022 05:51:00 GMT
Etag: "8bee3cfd6e70879c0964aa6a262e679f1f085e2a"
Cache-Control: max-age=549545,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76c3a4e0f98f1bfa-OSL

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 20:25:01 GMT
cache-control: public,max-age=3600
age: 2214
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1611
Cache-Control: max-age=131512
Date: Fri, 18 Nov 2022 21:01:55 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 09:33:47 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /aet/index.php?qbot.zip HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         185.111.89.170
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
set-cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c; expires=Sun, 20-Nov-2022 21:01:55 GMT; Max-Age=172800; path=/
location: https://gyopareszpresszo.hu/aet/?qbot.zip
content-length: 0
date: Fri, 18 Nov 2022 21:01:54 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vzIXkZ3nMgdfKIas4XyZ2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.41.253.170
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nTBPXmpcOIEPxD8BCsbAOst7ejA=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 21:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 21:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.14 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 3747
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3746)
Size:   3747
Md5:    7a85173f979a585e975c5597389a9265
Sha1:   efbcca464e33cd943de39338604462ce4352fd48
Sha256: 195182403b2e9d2a0779903fdd87cf7b9047f6a8253d9d12f12e991e2714ca36

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.14 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 6718
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6718
Md5:    3521e5c143632acf07e5c0a3f8d52a7e
Sha1:   34a9197a5294b4e33e21e83a252b7fb365f6b9ef
Sha256: e72713b875ca0ba2cbbdc49680cd0ff95976dbb3d1ebc0364bce851dbd5abba8

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 10689
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10689), with no line terminators
Size:   10689
Md5:    64f3974252823a10bc0177e9113505ce
Sha1:   46d7edfd633a4decb1d07da244a3afbdb7807a06
Sha256: 04d16770eb23e8f494f5fa0b2e25997b799ec968e51083ec47bf2fdf58cf1b6e

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/storefront/assets/css/base/gutenberg-blocks.css?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 47283
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   47283
Md5:    138f234981aa0c9c5a554972c7f9db65
Sha1:   1d513ef9f5574080fe1418a5b395d6491f316e47
Sha256: 22b6875adc27b05e447d705d18d7a3abaf6e508bdae39988e1ce564b5c7f60dd

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 05 Feb 2021 03:06:34 GMT
accept-ranges: bytes
content-length: 14229
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11272)
Size:   14229
Md5:    878184c5d285d4d52d926d36ef19b718
Sha1:   dd260ffe0f8e3f38f58efd23cac8a1e5c788dad9
Sha256: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /gtag/js?id=UA-175921317-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 21:01:56 GMT
expires: Fri, 18 Nov 2022 21:01:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43680
Md5:    66a413db9857908ac1732bc491ec2a14
Sha1:   7d10ab1c27ff3bf16d2be034f661adb65e50de63
Sha256: f56d316655a1a1323ffd9c1ccf88f6350b51840c06919162423e9d0066f52ebc
                                        
                                            GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style_safe.css?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 16 May 2022 00:36:30 GMT
accept-ranges: bytes
content-length: 2988
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2988), with no line terminators
Size:   2988
Md5:    d859b5bfded380a04878e61d2d775b27
Sha1:   f66928b44c9ded7b85f27851076f6afbf52b1977
Sha256: 200a1178ee11fa1f0878ed7e71e7a2edd4125f4980b97abdb8bafa3683e4b16b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/widget-options/assets/css/widget-options.css HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 26 Sep 2022 00:29:37 GMT
accept-ranges: bytes
content-length: 1046
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1045)
Size:   1046
Md5:    499c6ac5e063f83b2b763f52a51a9619
Sha1:   fa49212eb65861206da1a25c574e361ee6380566
Sha256: d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style.css?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 16 May 2022 00:36:30 GMT
accept-ranges: bytes
content-length: 1020
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1020), with no line terminators
Size:   1020
Md5:    490a9eef1ddfb72d61fbdce1da417072
Sha1:   7d365e0c81d7b188687b8f0c6b0f2850d4a93d84
Sha256: 22ae61e5267cdefe3cf3e5543e66e890e99e2efb0ad1860f8f5a824f5fa57066

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui.min.css?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 16 May 2022 00:36:30 GMT
accept-ranges: bytes
content-length: 32082
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29137), with CRLF line terminators
Size:   32082
Md5:    215077014154308be415e1181a14646f
Sha1:   8366128e32a0fd429eb64d6aeaa0dca535a8be27
Sha256: ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 15 Jul 2021 00:36:37 GMT
accept-ranges: bytes
content-length: 2640
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2640
Md5:    76e12144b6be9bc0a17dd880c5566156
Sha1:   c57db768b452aea923a2b083162e9e6ffb98d2f8
Sha256: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_adminbarstyle.css?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 16 May 2022 00:36:30 GMT
accept-ranges: bytes
content-length: 78
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   78
Md5:    6df54a199f880071c180d0202bbfbe61
Sha1:   7fc1ed135ba3b6990ffa28b4ccd9ecc9a9bb8b67
Sha256: 065c475ea78b47f08797df84a4875adf506b986b612f973f8ca9fd2b5c989067

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 16 May 2022 00:36:30 GMT
accept-ranges: bytes
content-length: 1905
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1746), with CRLF line terminators
Size:   1905
Md5:    1eab3d214afc59f0dfa41fbb7cdca694
Sha1:   b53944ac0d9adcc81fc96972c0845189fe8bacee
Sha256: 3101026642c51ebeaf140425e23e9d543eca49d400f73acbd1b5be52178b1654

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.27.14 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 5564
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3601)
Size:   5564
Md5:    9cda9e740bbf260a190f4041132b5105
Sha1:   603599b494c5f0c9ed5d11ccea03ca6517da46dc
Sha256: ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 21:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /c/5.5.11/wp-includes/css/dist/block-library/style.min.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 18 Nov 2022 21:01:56 GMT
vary: Accept-Encoding
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
content-encoding: br
expires: Sat, 18 Nov 2023 21:01:56 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27100)
Size:   7815
Md5:    acd23161eec750c154d09090bde0cb12
Sha1:   584176f758308a33994b0b9572fa90686ef5ce19
Sha256: 7a7fd6a7b44de99e699f3d32001a20d36f6f55b9f3d9a9d406c6ef35fa9faf9c
                                        
                                            GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 01 Nov 2022 01:30:26 GMT
accept-ranges: bytes
content-length: 5334
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5334), with no line terminators
Size:   5334
Md5:    42d1ded165ef075d4a34f90debfdfc93
Sha1:   9d4f1473e17840cb173e1e2070915e885591426b
Sha256: f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woo-min-max-quantity-step-control-single/assets/css/wcmmq-front.css?ver=1.0.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 16 Nov 2022 19:34:34 GMT
accept-ranges: bytes
content-length: 1208
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1208
Md5:    2211b0d1f0c6f5e8ae74b1e06ccf3588
Sha1:   180ee4d3e0daaa71ba55a4d1114231bf4408d6ab
Sha256: 9386f77f01dd970be44c06d4d88c33f463dc6d39bf361791f3966b2fa379391d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/storefront/assets/css/jetpack/widgets.css?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 282
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   282
Md5:    2302a6fb9a1aa47863514be05feba924
Sha1:   930f2537a3b2e17d0593951d34e859dfca1e7ed1
Sha256: 7daa85c12897dd3cdcbd10dd6584b346e5f69c066815458a73d329e9492b08cc

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2167
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 21:01:56 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 17 Nov 2022 19:31:59 GMT
accept-ranges: bytes
content-length: 7922
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7874)
Size:   7922
Md5:    75b90c4351b6e079459237e66836ef4e
Sha1:   723590ed08677aad34239e4b03a5edd64acd208e
Sha256: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.2 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 01 Nov 2022 01:30:26 GMT
accept-ranges: bytes
content-length: 8750
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (8750), with no line terminators
Size:   8750
Md5:    5f7dca83f1cac6295b0d4c72e325ac20
Sha1:   e0aacf1cfd0d8ed4bc37c8ef2be23d46513b71ed
Sha256: af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Jul 2021 00:36:37 GMT
accept-ranges: bytes
content-length: 12987
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12987), with no line terminators
Size:   12987
Md5:    6ad9165b167d54947b37f4b9de75ab39
Sha1:   4c02f66fd8c26141450e310d6786f50f99913dd4
Sha256: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2167
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 21:01:56 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/themes/storefront/assets/js/navigation.min.js?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 3012
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3012), with no line terminators
Size:   3012
Md5:    c064602991b39afefb4527b6f6a086db
Sha1:   f47ea6ad5b79bc7e5bdc16736c80e04e8dd45336
Sha256: 9b2279224f07b0bb232b9c9ee5745c0076528f4a8b07ee55cdf167af050a05d3

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 17 Nov 2022 19:31:46 GMT
accept-ranges: bytes
content-length: 1530
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1530
Md5:    95bd9b340ad6826beff005e5df32bd77
Sha1:   fdb64d88e53c9279ea62b5acbcf86641c52d63f2
Sha256: f2c809f77b19df64ec8270272ac29ce3d84d242a663e589825a9e4f57b8a5461

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/caxton/assets/caxton-utils.min.js?ver=1.30.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 28 Feb 2022 01:33:53 GMT
accept-ranges: bytes
content-length: 6558
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6558), with no line terminators
Size:   6558
Md5:    612b80d5fd852ed495b818ea7d6b693d
Sha1:   7599c9d0058626aaea16f23088082c0f3f598fa2
Sha256: 97a10f80334b6d5e94a0591520c7930cf13844b521700c58c42862160bdfc9e1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2167
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 21:01:56 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 21:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2167
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 21:01:56 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 04 Jun 2021 00:35:50 GMT
accept-ranges: bytes
content-length: 3255
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3255), with no line terminators
Size:   3255
Md5:    39e30b0bc14e98380ad585aeddac9cef
Sha1:   13ade73eed36b47f764a5080a520a3b28838be34
Sha256: 51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5955
x-amzn-requestid: fe915fbe-b1dc-4fbd-8a10-1cb46e08f56c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqPjHloIAMFidw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755730-16deb73f48305b0139b1d9bd;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qtpQ9y_8ohoqKpvTx-mWM439VyjZnpmTKKCEAEnknL3CVN8ZkiJaYQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:39:46 GMT
age: 84130
etag: "9404b0071027ac7ec0055a9edfbd607e3a8ae501"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5955
Md5:    30ad43f65949e7e22e73292e3d684f3d
Sha1:   9404b0071027ac7ec0055a9edfbd607e3a8ae501
Sha256: b97961cbd2245f9927c1c0406451449d28cca24c98c534cace78321ac62eeeb2
                                        
                                            GET /wp-content/themes/storefront/assets/js/woocommerce/header-cart.min.js?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 531
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (531), with no line terminators
Size:   531
Md5:    c51a7c1a02adeefbc4f233686e0f19d3
Sha1:   9181045e9d2ac100139fefe71111636dbd9a5e09
Sha256: 2875bdd16c004407f9f3190e3983384de61a9f37bf360600c963853a1595d56a

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.14 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 23853
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23852)
Size:   23853
Md5:    80f602ae586deb6e39d878515412eff0
Sha1:   2b9e5742e310773c4438690ba241b5381f317049
Sha256: 25ed4e3f92d17bc60fac51838b1b3650e17a07e289ac1c08b7e37abf03d76360

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woo-min-max-quantity-step-control-single/assets/js/custom.js?ver=1.0.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 16 Nov 2022 19:34:34 GMT
accept-ranges: bytes
content-length: 1259
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1259
Md5:    25b6fde2ec47a68e43fc7fc0d847f4b6
Sha1:   646d36ec946e0e40ba3db6f9d3f868f365054aa0
Sha256: 017824bb152f101d7dad9fd4538dddc9c589f9ee461339ee031c525b4174958b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: mhgNSp1_LsVmn00ULm116flMHpnfE6G6JABrJwXH5i4q-isv_W1-Ig==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:18 GMT
age: 84458
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6344
Md5:    a9d32fa3866dd741de610a61a93ad893
Sha1:   4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
Sha256: 4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
                                        
                                            GET /wp-content/themes/storefront/assets/js/footer.min.js?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 745
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (745), with no line terminators
Size:   745
Md5:    5d78e84012bd8a93ac2c0e9e53f8e4f6
Sha1:   7cbd18032bc43072bc515902d64dbf2b5da32760
Sha256: 1cec602b4a6c5b65bf7951b61b97a00dc2fb654e31144002e91f66d2004f9086

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /p/jetpack/9.4.2/css/jetpack.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 18 Nov 2022 21:01:56 GMT
vary: Accept-Encoding
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
content-encoding: br
expires: Sat, 18 Nov 2023 21:01:56 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20619)
Size:   25737
Md5:    b15613c0dd028aa4a570dbcccbededdf
Sha1:   cfa76ddb9c646c4563c1d297115d541819e4ca83
Sha256: b9220d340c0b2b2fe3bfd4d0e912f535bead40252722fe87000953a78203432c
                                        
                                            GET /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 04 Jun 2021 00:35:50 GMT
accept-ranges: bytes
content-length: 7779
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7779), with no line terminators
Size:   7779
Md5:    5458b843e49399f05416725983f388c9
Sha1:   c10bbec207031b93b4a3ee309652208825acac63
Sha256: 88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/storefront/style.css?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 58400
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (535)
Size:   58400
Md5:    b96e999491737de2d3b99ce05e2efdb4
Sha1:   dca8c1edeef73bdb2ca3fdd4dddb9881fdcfd9e2
Sha256: 0194bc7054b73d6fb6adf2b4ec31a2c4c6a0e3171a5cfb242824307a0edcc28c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /css?family=Source+Sans+Pro:400,300,300italic,400italic,600,700,900&subset=latin%2Clatin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 21:01:56 GMT
date: Fri, 18 Nov 2022 21:01:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8543
Md5:    fa0107e6367708ccff65e29e06edba24
Sha1:   785e569b27586c3684e337eeefcfdef1af959ba9
Sha256: 65deb4d3ab2324fd667abdbdbe5cff83ee3d8ae4dc0a8086dbf196805594707a
                                        
                                            GET /wp-content/plugins/caxton/assets/front.css?ver=1.30.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 28 Feb 2022 01:33:53 GMT
accept-ranges: bytes
content-length: 68303
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   68303
Md5:    8598fb8726518636ff15d4ccf55be9fa
Sha1:   385eb848b9bd1b9cbf3316043097f2efa0ec1884
Sha256: a1194d57cc2e9510b698fc3d0b787e5d7f57a6068f5a633945b0885835fee970

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/storefront/assets/css/woocommerce/woocommerce.css?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 76793
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (390)
Size:   76793
Md5:    adf7b7ccecc27bfff3dbc738bd077334
Sha1:   aca8683b9c869577a86f5fcdb039f0cc4a410823
Sha256: d7bf16df0bedb27a396529cc6b28726e38196a8c31b671254a34535d5bf6c8cd

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/storefront/assets/js/skip-link-focus-fix.min.js?ver=20130115 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 447
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (447), with no line terminators
Size:   447
Md5:    4655cff0816c365497404499c6918614
Sha1:   bb8856c6cac15295f72a3c1541cfe140727ef85a
Sha256: 298deb58ba18876cc734ca2ab7a03665fd8f2080d2606759a9e174ea6a27e9a7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 48wUhxwMgsEj2J01EWOTCfWLNZPwFrjjXd6V_uSp8yae4YtGTTVlxA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:14:12 GMT
age: 82064
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10281
Md5:    35da1192dcadc6e329a9e60c16904301
Sha1:   90a146aef85765630a5e09e46a0a8682e204bec1
Sha256: 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
                                        
                                            GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 16 May 2022 00:36:30 GMT
accept-ranges: bytes
content-length: 41445
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32048), with CRLF line terminators
Size:   41445
Md5:    302bea5eea22ed7977174b013cfc307a
Sha1:   9e48e6bef8f7512bb853d2c7098985232ce4d1cb
Sha256: cdf6e101693261003024f15e62d081789a1ae71b9ba7ebfa9bf7a451275a9769

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/storefront/assets/css/base/icons.css?ver=2.7.0 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 103181
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   103181
Md5:    62b887f0cd8fe0297355d985d9536fba
Sha1:   610c9b84d701deb77cdd4de27426bddffa0cd6af
Sha256: 97c6a8d8b200ea136e490587d5f8c5cc7d5413be584641c6bc7d9ce1744cc85d

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/storefront/assets/js/vendor/pep.min.js?ver=0.4.3 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 18090
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17954)
Size:   18090
Md5:    17e609c1a0e26d6a24eb600ff4925de1
Sha1:   c0e7e2cde57cb587aa6ee37ee745fb5aadb0c86c
Sha256: d952e41a5ec72320f1e8660af9dc65a2a043467bc5a8d57b69422e740cc0b8b9

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-file-upload/js/wordpress_file_upload_functions.js?ver=5.5.11 HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 16 May 2022 00:36:30 GMT
accept-ranges: bytes
content-length: 68695
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (571)
Size:   68695
Md5:    3d2264d455cd23d176e6502fbe4b4974
Sha1:   7ab934144e8dc7520633c42706472a10c333e4e1
Sha256: 12c7a8f3cdf64c45d3e6b744a89f27a3544b3563f02909e9270d20ee9a978bd9

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /g.gif?v=ext&j=1%3A9.4.2&blog=181717491&post=0&tz=1&srv=gyopareszpresszo.hu&host=gyopareszpresszo.hu&ref=&fcp=0&rand=0.4724548059020619 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.76.3
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 18 Nov 2022 21:01:56 GMT
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            GET /wp-content/uploads/2020/08/IMG_20200813_115352-1920x550.jpg HTTP/1.1 
Host: gyopareszpresszo.hu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Wed, 19 Aug 2020 23:33:38 GMT
accept-ranges: bytes
content-length: 419391
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1920x551, components 3\012- data
Size:   419391
Md5:    971e022fb5b8e3d8a48767d84e67b3f3
Sha1:   45dd55549e4bc1d4b7e30a8bba7340cc344c782e
Sha256: 35247894ce36dc1bae0e4cb892120c9bc6b2b6b675f26433c6f5524fdad30ad0

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 21:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 14:43:57 GMT
expires: Wed, 15 Nov 2023 14:43:57 GMT
cache-control: public, max-age=31536000
age: 281879
last-modified: Wed, 27 Apr 2022 16:04:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11792, version 1.0\012- data
Size:   11792
Md5:    619d81d89f24960286d052bc8843de1b
Sha1:   15274ef64de4eeda33d92f1f27f9a1d79099428d
Sha256: ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:50:49 GMT
age: 83467
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

                                        
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:28:31 GMT
expires: Thu, 16 Nov 2023 19:28:31 GMT
cache-control: public, max-age=31536000
age: 178405
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Size:   12956
Md5:    1c772d9d0531b187db80bcfc199c1786
Sha1:   c0c04fb334190e10dffed0dcc5c817c2a6041a15
Sha256: 122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
                                        
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:26:57 GMT
expires: Thu, 16 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 178499
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size:   13036
Md5:    0ad032b3d07aaf33b160ac4799dda40f
Sha1:   06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
Sha256: c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
                                        
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmRduz8A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 23:51:02 GMT
expires: Thu, 16 Nov 2023 23:51:02 GMT
cache-control: public, max-age=31536000
age: 162654
last-modified: Wed, 27 Apr 2022 16:54:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11724, version 1.0\012- data
Size:   11724
Md5:    958c8aee3b714b0880a4747fe7a08f75
Sha1:   e29b74a98c861cb7f80932f9871afe0dc991f7af
Sha256: b37e107eda508aa85e93b3d934efc279b89a12e869248d4cd79244b9ad52f1fc
                                        
GET /s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:28:19 GMT
expires: Thu, 16 Nov 2023 19:28:19 GMT
cache-control: public, max-age=31536000
age: 178417
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Size:   12580
Md5:    eaf55d1d3b7c4a30203d2d5226c49b6d
Sha1:   11b63b740965603ef544f261ef036d24e6bb1fb5
Sha256: e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
                                        
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:26:57 GMT
expires: Thu, 16 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 178499
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Size:   13052
Md5:    7cf79fbd1df848510d7352274efc2401
Sha1:   5540b5a26cc7dfe25294c4eabe011e2c6cd60143
Sha256: bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 21:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /gyopareszpresszo.hu/wp-content/uploads/2020/08/DSCF1827-scaled.jpg?resize=324%2C324&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

192.0.77.2
HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 18 Nov 2022 21:01:57 GMT
content-length: 32654
last-modified: Tue, 15 Nov 2022 16:56:24 GMT
expires: Fri, 15 Nov 2024 04:56:24 GMT
cache-control: public, max-age=63115200
link: <https://gyopareszpresszo.hu/wp-content/uploads/2020/08/DSCF1827-scaled.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "fc90cbd506c86427"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 324x324, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   32654
Md5:    bad7154af4f1557ef6c25804faa04282
Sha1:   99eb11b8c81e1fe40588717f7e61308fd97cda3b
Sha256: e1b3ea0ec502ffabae57d227cd713d523b8050bd1278a2604e75c2b8070c3bb8
                                        
GET /gyopareszpresszo.hu/wp-content/uploads/2020/08/IMG_20200814_125023-scaled.jpg?resize=324%2C324&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

192.0.77.2
HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 18 Nov 2022 21:01:57 GMT
content-length: 26692
last-modified: Fri, 18 Nov 2022 10:45:43 GMT
expires: Sun, 17 Nov 2024 22:45:43 GMT
cache-control: public, max-age=63115200
link: <https://gyopareszpresszo.hu/wp-content/uploads/2020/08/IMG_20200814_125023-scaled.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5fe9f2be3eb9dad0"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 324x324, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   26692
Md5:    0269e28c57e8967f2a3b1a0634ccc198
Sha1:   5fa93164366312f6926e6f4660b045dc8e1e7be2
Sha256: 36d51afeb1e0e31cb1dd02a8fcfe545dd857a1405de16f8d28f4b21a65787c21
                                        
GET /wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/wp-content/themes/storefront/assets/css/base/icons.css?ver=2.7.0
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: font/woff2
last-modified: Thu, 10 Sep 2020 00:27:19 GMT
accept-ranges: bytes
content-length: 79444
date: Fri, 18 Nov 2022 21:01:57 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 79444, version 331.524\012- data
Size:   79444
Md5:    b15db15f746f29ffa02638cb455b8ec0
Sha1:   75a88815c47a249eadb5f0edc1675957f860cca7
Sha256: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-left.png HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 1522
date: Fri, 18 Nov 2022 21:01:57 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 23 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size:   1522
Md5:    a7b0fe9f7097aff4a65a2521f6f70c36
Sha1:   52a2aaf9a6cd8ee2e668662959105581d29af6c8
Sha256: 57472f4859650850932c8632daeb6b20483affb63fd8e86f65ba7462347891fe

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-right.png HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 1522
date: Fri, 18 Nov 2022 21:01:57 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 23 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size:   1522
Md5:    1e2129a2c494b38736e0ceced9cf8670
Sha1:   0cacb007e0de606e6a30ebf8aa801c081b07ad1b
Sha256: e060d2552f40e99ad96957f7e4cc703a26fdc6f6846a79c61ec5a72a0a63fd00

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/fonts/flexslider-icon.woff HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.14
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: font/woff
last-modified: Thu, 17 Nov 2022 19:31:53 GMT
accept-ranges: bytes
content-length: 1268
date: Fri, 18 Nov 2022 21:01:57 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 1268, version 1.0\012- data
Size:   1268
Md5:    f8b92f66539473eea649c8514eb836a0
Sha1:   9876bce2a7b39125bd7a406c445e46e704d7b37e
Sha256: 333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_115901.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:57 GMT
accept-ranges: bytes
content-length: 954697
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=5472, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=7296], baseline, precision 8, 1920x550, components 3\012- data
Size:   954697
Md5:    81697a3414f707fc88e2195c671d397f
Sha1:   b99435bcd480f428e48e3da65c9f40f1da33eedd
Sha256: ae459e797c326441424ba57d7640a57af7f4b5a1541f2d94713fca2a527f66ce

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_115523.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:50 GMT
accept-ranges: bytes
content-length: 1020124
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=5472, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=7296], baseline, precision 8, 1920x550, components 3\012- data
Size:   1020124
Md5:    7c494e9bff757cb0a2a7279a25705c9f
Sha1:   1de314b8c59847d9f392ba6ce162b92f04cc1c0e
Sha256: 2e398fae0507ab05384b4ebcff28803bc584582271750a01b0b5019eaff97976

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_115403.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:46 GMT
accept-ranges: bytes
content-length: 999860
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=5472, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=7296], baseline, precision 8, 1920x550, components 3\012- data
Size:   999860
Md5:    5930aa20ca1f93d262581c2bf6d83ae3
Sha1:   3afa3781755ae924557594c2d9336d83594ef6ee
Sha256: 1dc3980088f35499195d57f22670f540567a9bf9b472afde179bb355c4538be2

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/kicsinyitett.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:26:18 GMT
accept-ranges: bytes
content-length: 1071072
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=2736, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=3648], progressive, precision 8, 1920x550, components 3\012- data
Size:   1071072
Md5:    42c7200bbb5e4db688c2393f70231d41
Sha1:   0a6945c4f6f5aae9dc220cd2515452111358a859
Sha256: 2673c33c1a614981a53da9631acec4c7cad39dc10091bf4b5a69f3ddde0ee4ed

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_124957.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:26:07 GMT
accept-ranges: bytes
content-length: 1199354
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=3648, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=2736], baseline, precision 8, 1920x550, components 3\012- data
Size:   1199354
Md5:    32e9eef8a78fd2446b4ae3c4e3471dcc
Sha1:   aa9ab89472f2822f3ca78749531705aab3d64a95
Sha256: 97842caf8673dac285910089538ea373950ca64eb818985aeb993a8006d4cffa

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_115701.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:52 GMT
accept-ranges: bytes
content-length: 1257543
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=2736, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=3648], baseline, precision 8, 1920x550, components 3\012- data
Size:   1257543
Md5:    a6ec1ac0dba7dfb4ccba0113ac9a9c3c
Sha1:   9957049aded085b625fa3d238c20e970d7a0602b
Sha256: 3cf7ebb6a9b82e6402fc7998476ec11e9586ff29ae251172fc58c1e6222d5e04

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_115731.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:55 GMT
accept-ranges: bytes
content-length: 1346678
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=0, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=0], baseline, precision 8, 1920x550, components 3\012- data
Size:   1346678
Md5:    cdcfc99b5ad10d47fcbaa0d2fd742d78
Sha1:   fa219c9bc391eeca6079685a3dac9673470f28ad
Sha256: adb432458d4c338d653a105fd448a25f775f6f64d90a0ac76a20a2e50803ac1d

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_120417.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:24:48 GMT
accept-ranges: bytes
content-length: 1564888
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=2736, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=3648], progressive, precision 8, 1920x550, components 3\012- data
Size:   1564888
Md5:    9b62fc3dd6e8f4f394106eabcf6c9f40
Sha1:   530d2f701b69852a87dfd4513e302f894925bbe1
Sha256: 1aff685f36b39a28d9b412e70b3024016770651f5c4d3f4d43a233589898b5f7

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_115201.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:38 GMT
accept-ranges: bytes
content-length: 1435615
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=0, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=0], baseline, precision 8, 1920x550, components 3\012- data
Size:   1435615
Md5:    1129ae1f5482e6cf9df10ec2bfbdf8cc
Sha1:   7295f3a1c17656ef48445277419306cb95593fa3
Sha256: 1c1de073e5000f7e65dbcd236cce6f89f0308de8d3e7b5101b9365888f5e746e

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_124944.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:26:03 GMT
accept-ranges: bytes
content-length: 1407738
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=2736, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=3648], baseline, precision 8, 1920x550, components 3\012- data
Size:   1407738
Md5:    a6e71901db6042141f5d4115b21e87fd
Sha1:   8b7f6865f31158f8b072064fc19777cee97690ed
Sha256: 511a1e736439ca9a70468a38b1a5dcb98474cbb239851b5a00635e3b66267544

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_113410.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:34 GMT
accept-ranges: bytes
content-length: 1542147
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=2736, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=3648], baseline, precision 8, 1920x550, components 3\012- data
Size:   1542147
Md5:    f6cdba0ebbcca1a0cb13ef04d7fb0fd8
Sha1:   56331abc0b17bc2e702feda5c3621bcac2262c87
Sha256: 0ef972c9edce2568a019fbb7c3fedcd7c279b289e9c8c8402bb334e09c0c23ea

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_125010.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:26:09 GMT
accept-ranges: bytes
content-length: 1514280
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=2736, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=3648], baseline, precision 8, 1920x550, components 3\012- data
Size:   1514280
Md5:    52c1fe8a75d01c70ec3a8fb8a859d64d
Sha1:   5c9aa01966552f184c7eea52f1dc20f58dd3ded2
Sha256: b47e2c89197ffe3019ad84fb7e32135431cf4fabdd4a5482b4e595c8e060df54

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_120417-1.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:26:01 GMT
accept-ranges: bytes
content-length: 1564888
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=2736, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=3648], progressive, precision 8, 1920x550, components 3\012- data
Size:   1564888
Md5:    9b62fc3dd6e8f4f394106eabcf6c9f40
Sha1:   530d2f701b69852a87dfd4513e302f894925bbe1
Sha256: 1aff685f36b39a28d9b412e70b3024016770651f5c4d3f4d43a233589898b5f7

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_115311.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:40 GMT
accept-ranges: bytes
content-length: 1628910
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=0, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=0], baseline, precision 8, 1920x550, components 3\012- data
Size:   1628910
Md5:    e79a2281a938f798720179193679f86d
Sha1:   24e7285986e333b361874e31fd7734d03d20f713
Sha256: c0e66afab861beae32e4b890e98008263cb6dacdeb9b756774f18f77fde35f3f

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2020/08/IMG_20200813_125814.2.jpg HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 16 Aug 2020 22:25:17 GMT
accept-ranges: bytes
content-length: 2038599
date: Fri, 18 Nov 2022 21:01:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=5472, bps=0, PhotometricIntepretation=RGB, manufacturer=HUAWEI, model=LYA-L29, orientation=upper-left, width=7296], baseline, precision 8, 1920x550, components 3\012- data
Size:   2038599
Md5:    3ba3677c8e8feb1d2814e51f45da78b4
Sha1:   e993ea1d16174cbc4579eb47e09468bc867e213c
Sha256: b9e04a61aa08274d588fe5cfb55e0652e435e33f6f1dd852272dd8cac20756bf

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /gyopareszpresszo.hu/wp-content/uploads/2020/08/cropped-Irj-be-nemi-torzsszoveget-416x416-1.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

192.0.77.2
HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 18 Nov 2022 21:01:58 GMT
content-length: 706
last-modified: Thu, 17 Nov 2022 17:03:04 GMT
expires: Sun, 17 Nov 2024 05:03:04 GMT
cache-control: public, max-age=63115200
link: <https://gyopareszpresszo.hu/wp-content/uploads/2020/08/cropped-Irj-be-nemi-torzsszoveget-416x416-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "e21ce9a8214f394d"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   706
Md5:    fbe246fcf4f4a49fc33eacadadd59a9e
Sha1:   4328da09f888f3b230de2cf34710d6d816220c31
Sha256: 46defaa0632b0cc6967f1065dc69bbfb10c7dfc8c05354f99f5a795b40a35f86
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2275
Cache-Control: max-age=89703
Date: Fri, 18 Nov 2022 21:01:58 GMT
Etag: "6376a54a-1d7"
Expires: Sat, 19 Nov 2022 21:57:01 GMT
Last-Modified: Thu, 17 Nov 2022 21:19:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
GET /bp.js HTTP/1.1
Host: pixel.barion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

172.66.42.214
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 18 Nov 2022 21:01:56 GMT
cache-control: max-age=2592000, public
cf-bgj: minify
cf-polished: origSize=68448
access-control-allow-credentials: true
access-control-allow-origin: *
content-security-policy: block-all-mixed-content
etag: W/"f050ec3c8b6d9ebbe2ae90042a6efcbd"
expires: Sun, 04 Dec 2022 13:25:43 GMT
last-modified: Thu, 07 Jul 2022 13:25:26 GMT
strict-transport-security: max-age=15552000
vary: Accept-Encoding, Origin
x-amz-request-id: 16FF8EEDA9ECD6AA
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1236338
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c3a4edfe070b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11962)
Size:   31494
Md5:    6aeb68dc7cb5aa0858e02c021b5cdd3f
Sha1:   8022132885ef4ff8c927b65cf6634e1a1e421df3
Sha256: 12ad4e0c6e07a4571c5567f2ed06ef00936cb963257de8a37323f1fc3bc8fbd4
                                        
GET /hu_HU/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3730073520c35ec494e3c625d07396d1
etag: "8e9813d1e7b69e42c7b6f2b5d8f4e97a"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 18 Nov 2022 21:14:52 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: r9udMsnh/JzRUHfTAIjV6w==
x-fb-debug: Mnr2K2l2F8lBza7FnRZwZJvyq5IvFLMLovPET3HyHdNQuAFEbqleDP01XjzFCy5G0b9obP6cCUGV1fMpjHkKIw==
content-length: 1687
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:01:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1687
Md5:    afdb9d32c9e1fc9cd15077d30088d5eb
Sha1:   d70cf9ff256fee469f0f0974bb23b9bbf88f5977
Sha256: eec8c9e6d4a427e5648312b3ad8db70b328e755b7fcc6c817c69658bc79ff7ad
                                        
GET /gyopareszpresszo.hu/wp-content/uploads/2020/08/cropped-Irj-be-nemi-torzsszoveget-416x416-1.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

192.0.77.2
HTTP/2 200 OK
content-type: image/webp
server: nginx
date: Fri, 18 Nov 2022 21:01:58 GMT
content-length: 16380
last-modified: Fri, 18 Nov 2022 21:01:58 GMT
expires: Mon, 18 Nov 2024 09:01:58 GMT
cache-control: public, max-age=63115200
link: <https://gyopareszpresszo.hu/wp-content/uploads/2020/08/cropped-Irj-be-nemi-torzsszoveget-416x416-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "cbe7498980e5fa32"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   16380
Md5:    4a97eb1464265dd3de68cd8a89ce21a5
Sha1:   bf1127b12de9bd3f5ec4bd23d3b3e45e0286093c
Sha256: 723e4e03ab7031e80f848ed883c3504a669ff42225d78b247bdda8a07fc8b08b
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2275
Cache-Control: max-age=89703
Date: Fri, 18 Nov 2022 21:01:58 GMT
Etag: "6376a54a-1d7"
Expires: Sat, 19 Nov 2022 21:57:01 GMT
Last-Modified: Thu, 17 Nov 2022 21:19:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
GET /hu_HU/sdk.js?hash=470137e874779e5761e268f3bf8ef9d1 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 56d6bfefbb2f121e664d5e4284e63909
etag: "9896f98fe4e3566f7081b07d368056a2"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 18 Nov 2023 17:34:25 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: QtZ2U1QHdmMWNG7ULnx5Gg==
x-fb-debug: 5RnhE0UfFBg4U6v5A+4l5hhnyPJyaxnoWEObWu3JHtp7qtYJt8disjNYbuP/jJggNKCaj39C/S0468IdCiuSuA==
priority: u=3,i
content-length: 87028
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:01:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13192)
Size:   87028
Md5:    42d676535407766316346ed42e7c791a
Sha1:   d721844281be81bae6870e886f61a06de5c98ff7
Sha256: e018c7ea46b7e3ed7f3acabedc422319929f50d9a6149c58bcfddb869c8b3165
                                        
GET /rsrc.php/v3/yt/l/0,cross/s7Li9Aq-hu0.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 15 Nov 2023 17:16:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: UCTXUcAUMgNvH9Y/jrG2EQ==
x-fb-debug: rc9yi1bDEv0y0aKKdBwD9QzO1fO7zCGgRqpV/0XZDbLehje51vjMbNXv1JiOtPVbMFGSSm3ttyZQtB4EezVAzA==
content-length: 4696
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (2642)
Size:   4696
Md5:    5024d751c01432036f1fd63f8eb1b611
Sha1:   a3715766ced44ec80370205c277b350ce62cb02b
Sha256: 9aea4f4cab9baea9136507cc618763179c0bc6c80ad6a80eb4f68316b174c95c
                                        
GET /rsrc.php/v3/y0/l/0,cross/0Tr5NQXuVJC.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 18 Nov 2023 18:18:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: f/Pn1oktGirDa+tnlGs7Lg==
x-fb-debug: LdPFxYcZDnWEXk5q2+rEpeg1RhK6nEXV+TRPrxGi97n2pcl6Rq//gE7xbYYCESXbmkX/KGIQWU6UzyTdba0d0g==
content-length: 5099
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4431)
Size:   5099
Md5:    7ff3e7d6892d1a2ac36beb67946b3b2e
Sha1:   7e4252e178786cfeb7e7a4203309b7e1f54b09ba
Sha256: 0fb1095a6aa680a65f88e60cd15a81d91e14c18efa4d02925c957f3ddae1c349
                                        
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: gyopareszpresszo.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://gyopareszpresszo.hu
Connection: keep-alive
Referer: https://gyopareszpresszo.hu/aet/?qbot.zip
Cookie: wp_wpfileupload_f8e1f4768418187a6b3d8fe3e4e73c78=RkF8dcDhpWyrhKmEGbZzWDO5YBSO365c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

185.111.89.170
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gyopareszpresszo.hu
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
date: Fri, 18 Nov 2022 21:01:57 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- data
Size:   3234
Md5:    c7dc2f273d1d564ab5614f2129ec7645
Sha1:   d7ddad41829c240c6d3c2ed44c2e56990bb06314
Sha256: 92735dade91ce7a04a2cd5c01c1a3844447be91be20b02cc06348a00042e5876

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /rsrc.php/v3/y2/l/0,cross/omRD7tpM0dQ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 15 Nov 2023 02:22:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0tQS1EsC+xdeZhxxv3DZgg==
x-fb-debug: 71MlXQuZAqG5LcOCecnZKjVFsDfpm6FNMDVkfbcZW01eTC09L4DPRHFxFVy4nUvJRQ8Mv1/WQ0Ce5JxHAgr4jw==
priority: u=3,i
content-length: 1389
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5454)
Size:   1389
Md5:    d2d412d44b02fb175e661c71bf70d982
Sha1:   4d6dac1a81ca87c33931a2366d80b2b91d5bb279
Sha256: 3387eea3f37a7582732b0ba893faef13759736dd2aefe1dd4a932f7bb353d722
                                        
GET /rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 16:37:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FR6H049PQl5E2chRya7PBQ==
x-fb-debug: 578mKTEkjWrVEys7x3EPigYBAculQ9+xqvoP9TrG2OhBAdzzHHNJrM2CslcbWlUPbOvnx/9TeqgH2B9JTmDk2g==
content-length: 91088
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18622)
Size:   91088
Md5:    151e87d38f4f425e44d9c851c9aecf05
Sha1:   762111e5095f5354be95b98ad476f6e7161ce6b1
Sha256: f236f289f38c8081b496e0537ed3b2c66822e7a743f5d9d4959f955c64b0b2b0
                                        
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 07 Nov 2023 21:29:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: 8wfJHm/OTmUimpYLHqmFx0zK7zZKmbhmdxKPRe0Ddb/jB3DBuwry5M4WAMCosSl33thx2iA5vMezBbW00qquSw==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1984)
Size:   1657
Md5:    16f083b23b565db9d2f20d1ad75933c1
Sha1:   6d74ad139c96b1e3fc9d541419788b5b4893ec9a
Sha256: 36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
                                        
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:45:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: 01HAuQilrQz1l0sulnsK+0BR8ONViIeLDTMAqQ3wAdlNmPG4zBCSQLPEDqUoARlbnYccIanwdU3Xn2LwA9VHBA==
content-length: 12369
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5542)
Size:   12369
Md5:    0765d76d746716156d53d36ee6f80836
Sha1:   17e1546f87cc6417615caa10dcbbcb699c59471a
Sha256: f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
                                        
GET /rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:30:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lTtwXiE9Z6XJ8ZO+A6+U0g==
x-fb-debug: 5MbwS7Od7bA+eY4pSk5u6ViHSQeYk2u8LzIq12NLXIFgZnFBud362NrbIgFOqGPLZNtxu0H06X5X2TQW4AiU8w==
content-length: 427
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (704)
Size:   427
Md5:    953b705e213d67a5c9f193be03af94d2
Sha1:   20ba97702ad0d0ca499a65bffd5ca50740c62b79
Sha256: 1e7fa0e9a2ddc308ed653e5928c1ff4edcfffabe518f18407beffac932b7f93e
                                        
GET /rsrc.php/v3i48T4/yn/l/hu_HU/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 18 Nov 2023 00:26:23 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: j0ULSOtUPsOu61371SSLsg==
x-fb-debug: p3U9XYWvPa/I+fuke8JHXNfFjk3ZBJ7Xid2kyYfpUP2bTvr/CxEXWBRlyA4VK3/HiAI5h20XPzjPNRsvMI5XcQ==
content-length: 8335
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2905)
Size:   8335
Md5:    8f450b48eb543ec3aeeb5dfbd5248bb2
Sha1:   ffc120c2a1cf2b58b23f3e1136ab09cadbf9d04b
Sha256: fb6f535cd4de7fa1d0ba762680362d3f50681779ef27aedd8a4df31e26cd1846
                                        
GET /rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 05:04:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cejpO15V8gEAE7CBT0465Q==
x-fb-debug: C/EC5sZQT7XV5BDFunWE5HcD8G7fTnWFrFwWQ/rGHeSNO5XkK706ORQBk10xOa7Ow+oKSIdFxS6Ia8i534VOUA==
priority: u=3,i
content-length: 8748
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9885)
Size:   8748
Md5:    71e8e93b5e55f2010013b0814f4e3ae5
Sha1:   4732ba3acc539a0e9ff12d08c1b5a16f535bd594
Sha256: b710ea52f812ac39c5195f0c170142bfcfcc274aa6b250a29a1ed1c59ea58556
                                        
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 09 Nov 2023 00:23:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: VhNvMqq/a2luBaPuhJG8Dzm4AEhba5Hu9VZqhpiyqsgK6QT56eyQYxgyUGYTFMgqEqcwBYmGxlsdY6Hv+MZEow==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (327)
Size:   338
Md5:    76f593e842677f73cd0a06232874b2c3
Sha1:   25a13f79478d5a0e286a2299dca2f3b296463079
Sha256: 74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
                                        
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:54:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: 1OJX/K81m7XImTplLGw/7ANit8XayK5qe73Ffg7JAY5pCZTbd+j9zpsVmjKxIE8dfQCm3VZyVLLkqeUvbScSuA==
content-length: 16262
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (8741)
Size:   16262
Md5:    dfb29285817fca7b068ba0ec98aa2392
Sha1:   78cd49585da28a245a096781c8e0fada59cf2b72
Sha256: 2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
                                        
GET /rsrc.php/v3iYek4/yf/l/hu_HU/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 16 Nov 2023 19:32:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VB9vNo9Q7MKq5nqfJRIorw==
x-fb-debug: QI1e59fAP6p+4/1XHj3siTG/D2mwHncnuD9vyoqRBrAqJXwOup1FN/LBsfIlHaghtDG/yDixgTfKtDFm0OfUZg==
content-length: 23591
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (42306)
Size:   23591
Md5:    541f6f368f50ecc2aae67a9f251228af
Sha1:   2c3492782d1682d5c88ab7ea535fed88b8e8f631
Sha256: e8712cb28c58b3192f0400422038c19ef9d116beb39b82e04d0370104645a368
                                        
GET /rsrc.php/v3/yJ/r/wXhbxYJbfst.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 15 Nov 2023 01:40:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QmOQLwjUKZxrrQqoyQG7hQ==
x-fb-debug: JqhJj/bvAxUsOKUmx3CiaFP/qnyKl+697no31BNYk0yEkExY/3R1VF1x5e/20IvZCEaRxNilSvjacCLZqhC5Tg==
content-length: 7865
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4643)
Size:   7865
Md5:    4263902f08d4299c6bad0aa8c901bb85
Sha1:   47867a84b33903997793c2d6089774d47a266faf
Sha256: 61d1b58a7f92df7ada14a899e3c72bea0b8d6b5fdefe94c42848da6af4b33002
                                        
GET /rsrc.php/v3/yd/r/6Tt3dFU7fzn.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 18 Nov 2023 18:11:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: myabTwtBokoHurykL+AzJQ==
x-fb-debug: t0F3xQJZpkVdCk7XEqybgtN87QHRJORcFcgBM4teAILVLm5ZdVd8ZnBkFifRaW+X9Z8/ae5lXkkBoJtX6K4HTA==
content-length: 5246
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 21:02:01 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2