Overview

URLbataan.gov.ph/behold-bataan/pawikan-conservation-center/
IP 162.240.12.240 (United States)
ASN#46606 UNIFIEDLAYER-AS-1
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-02 09:21:15 UTC
StatusLoading report..
IDS alerts0
Blocklist alert64
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 17:14:08 UTC 34.102.187.140
www.bataan.gov.ph (107) 0 2013-05-09 04:45:20 UTC 2015-08-28 11:53:02 UTC 162.240.12.240 Unknown ranking
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 17:12:49 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.187.71.185
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.gstatic.com (12) 0 2014-09-09 00:40:21 UTC 2022-12-01 22:08:56 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
gwhs.i.gov.ph (1) 287398 2016-03-18 10:58:32 UTC 2022-11-30 05:33:23 UTC 202.90.154.133
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-12-01 17:12:24 UTC 142.250.74.99 Domain (gstatic.com) ranked at: 540
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
bataan.gov.ph (3) 0 2013-05-09 04:45:20 UTC 2022-11-30 12:00:29 UTC 162.240.12.240 Unknown ranking
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-12-01 17:28:41 UTC 142.250.74.106
zerossl.ocsp.sectigo.com (1) 4049 No data No data 172.64.155.188

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-02 2 bataan.gov.ph/behold-bataan/pawikan-conservation-center/ Phishing
2022-12-02 2 bataan.gov.ph/behold-bataan/pawikan-conservation-center/ Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/contact-form-7/includes/css/styles.css (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/ova-dep/assets/css/frontend/ovadep-sty (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/ova-portfolio/assets/css/frontend/ovap (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/ova_doc/assets/css/frontend/ovadoc-sty (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/ova-sev/assets/css/frontend/ovasev-sty (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/uploads/elementor/css/post-6.css?ver=1660871083 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/tablepress/css/default.min.css?ver=1.14 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/uploads/elementor/css/post-917.css?ver=1660876409 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/essential-addons-for-elementor-lite/as (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/uploads/elementor/css/post-664.css?ver=1660871652 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/uploads/elementor/css/post-230.css?ver=1666753966 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/ova-events/assets/js/frontend/event.js (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/uploads/elementor/css/global.css?ver=1660871669 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/ova-team/assets/js/script-elementor.js (...) Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/contact-form-7/modules/recaptcha/index (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/css/frontend-lite.min (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/js/script.js Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor-pro/assets/js/webpack-pro.ru (...) Malware
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd0 (...) Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/js/webpack.runtime.mi (...) Malware
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/essential-addons-for-elementor-lite/as (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazylo (...) Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/waypoints/waypoin (...) Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/contact-form-7/includes/js/index.js?ve (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor-pro/assets/js/elements-handl (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor-pro/assets/js/frontend.min.j (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/ova-portfolio/assets/libs/isotope/isot (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/js/frontend.min.js?ve (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.2 Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/select2/select2.min.js Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/happy-elementor-addons-pro/assets/js/h (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/feather.min.js Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/bootstrap/js/bootstra (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/js/text-editor.2c35aa (...) Malware
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/dialog/dialog.min (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/js/lightbox.2d166d71b (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/elegant_font/fonts/El (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/elegant_font/fonts/El (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/fontawesome/webfonts/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/fontawesome/webfonts/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/fontawesome/webfonts/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/fontawesome/webfonts/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/fontawesome/webfonts/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/fontawesome/webfonts/ (...) Phishing
2022-12-02 2 bataan.gov.ph/mod_pagespeed_beacon?url=https%3A%2F%2Fbataan.gov.ph%2Fbehold (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/themes/egovt/assets/libs/fontawesome/webfonts/ (...) Phishing
2022-12-02 2 www.bataan.gov.ph/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 162.240.12.240
Date UQ / IDS / BL URL IP
2022-12-02 09:21:15 +0000 0 - 0 - 64 bataan.gov.ph/behold-bataan/pawikan-conservat (...) 162.240.12.240
2022-11-30 12:00:24 +0000 0 - 0 - 36 bataan.gov.ph/ 162.240.12.240


Last 5 reports on ASN: UNIFIEDLAYER-AS-1
Date UQ / IDS / BL URL IP
2023-02-05 02:05:58 +0000 0 - 0 - 5 versoflor.de/bppost/ 69.49.229.142
2023-02-05 02:03:54 +0000 0 - 0 - 2 goto.otopplace.com/DE/ING/Anmelden-mit-Zugang (...) 192.185.48.129
2023-02-05 02:03:40 +0000 3 - 2 - 2 www.alibaba-enquiryservice.com/Download/ 50.116.114.88
2023-02-05 02:03:15 +0000 0 - 0 - 2 goto.otopplace.com/DE/ING/Anmelden-mit-Zugang (...) 192.185.48.129
2023-02-05 02:02:36 +0000 0 - 0 - 5 www.rccgdrc.ca/mygovato/otp2.html 162.215.214.86


Last 2 reports on domain: bataan.gov.ph
Date UQ / IDS / BL URL IP
2022-12-02 09:21:15 +0000 0 - 0 - 64 bataan.gov.ph/behold-bataan/pawikan-conservat (...) 162.240.12.240
2022-11-30 12:00:24 +0000 0 - 0 - 36 bataan.gov.ph/ 162.240.12.240


No other reports with similar screenshot

JavaScript

Executed Scripts (64)

Executed Evals (5)
#1 JavaScript::Eval (size: 15588) - SHA256: 0d4559ba47020dfb3d3229a79fae241152a0337f86a9c8a01bd5add41c1753b7
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var y = this || self,
        e = function(R) {
            return R
        },
        q = function(R, n) {
            if ((n = (R = y.trustedTypes, null), !R) || !R.createPolicy) return n;
            try {
                n = R.createPolicy("bg", {
                    createHTML: e,
                    createScript: e,
                    createScriptURL: e
                })
            } catch (k) {
                y.console && y.console.error(k.message)
            }
            return n
        };
    (0, eval)(function(R, n) {
        return (n = q()) && 1 === R.eval(n.createScript("1")) ? function(k) {
            return n.createScript(k)
        } : function(k) {
            return "" + k
        }
    }(y)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var p=function(R,n,k){k[V(R,n,k),Rl]=2796},nX=function(R,n){return R(function(k){k(n)}),[function(){return n}]},kz=function(R,n,k,q,c){for(n=(q=(c=n[3]|0,0),n[2])|0;14>q;q++)c=c>>>8|c<<24,k=k>>>8|k<<24,k+=R|0,c+=n|0,k^=n+2298,R=R<<3|R>>>29,c^=q+2298,R^=k,n=n<<3|n>>>29,n^=c;return[R>>>24&255,R>>>16&255,R>>>8&255,R>>>0&255,k>>>24&255,k>>>16&255,k>>>8&255,k>>>0&255]},E,L=function(R,n,k,q,c,y,e,K,N,Q,Z,w,U,h){if(y=v(n,278),y>=n.B)throw[x,31];for(c=(K=0,q=R,Q=y,n.c0.length);0<q;)Z=Q%8,N=8-(Z|0),N=N<q?N:q,U=Q>>3,w=n.i[U],k&&(e=n,e.A!=Q>>6&&(e.A=Q>>6,h=v(e,358),e.l=kz(e.O,[0,0,h[1],h[2]],e.A)),w^=n.l[U&c]),K|=(w>>8-(Z|0)-(N|0)&(1<<N)-1)<<(q|0)-(N|0),Q+=N,q-=N;return V(278,n,(k=K,(y|0)+(R|0))),k},yB=function(R,n,k,q){try{q=R[((n|0)+2)%3],R[n]=(R[n]|0)-(R[((n|0)+1)%3]|0)-(q|0)^(1==n?q<<k:q>>>k)}catch(c){throw c;}},eM=function(R,n){return n=P(R),n&128&&(n=n&127|P(R)<<7),n},qX=function(R,n,k){if((n=typeof R,"object")==n)if(R){if(R instanceof Array)return"array";if(R instanceof Object)return n;if("[object Window]"==(k=Object.prototype.toString.call(R),k))return"object";if("[object Array]"==k||"number"==typeof R.length&&"undefined"!=typeof R.splice&&"undefined"!=typeof R.propertyIsEnumerable&&!R.propertyIsEnumerable("splice"))return"array";if("[object Function]"==k||"undefined"!=typeof R.call&&"undefined"!=typeof R.propertyIsEnumerable&&!R.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==n&&"undefined"==typeof R.call)return"object";return n},C=function(R,n){R.P.splice(0,0,n)},G=function(R,n,k,q,c,y){if(n.C==n)for(c=v(n,R),421==R?(R=function(e,K,N,Q){if(c.mm!=(Q=((K=c.length,K)|0)-4>>3,Q)){Q=(c.mm=(N=[0,0,y[1],y[2]],Q),(Q<<3)-4);try{c.nk=kz(KX(c,Q),N,KX(c,(Q|0)+4))}catch(Z){throw Z;}}c.push(c.nk[K&7]^e)},y=v(n,408)):R=function(e){c.push(e)},q&&R(q&255),n=k.length,q=0;q<n;q++)R(k[q])},NX=function(R,n,k,q){for(;R.P.length;){k=(R.F=null,R).P.pop();try{q=ca(R,k)}catch(c){r(R,c)}if(n&&R.F){n=R.F,n(function(){B(true,R,true)});break}}return q},QB=function(R,n,k,q){return(q=I[R.substring(0,3)+"_"])?q(R.substring(3),n,k):nX(n,R)},sk=function(R,n,k,q,c){G(((c=(k=u((c=u((q=n&4,n&=3,R)),R)),v(R,c)),q)&&(c=pX(""+c)),n&&G(k,R,D(2,c.length)),k),R,c)},l=function(R,n,k,q,c,y,e,K,N){if((R.C=(((K=(y=(N=(c=(e=0<(k||R.X++,R).U&&R.S&&R.xh&&1>=R.J&&!R.L&&!R.F&&(!k||1<R.Z-n)&&0==document.hidden,4==R.X))||e?R.s():R.T,N-R.T),y)>>14,R).O&&(R.O^=K*(y<<2)),R).Y+=K,K||R.C),c)||e)R.X=0,R.T=N;if(!e||N-R.H<R.U-(q?255:k?5:2))return false;return!((V(278,(q=v(R,(R.Z=n,k?426:278)),R),R.B),R.P).push([jM,q,k?n+1:n]),R.F=z,0)},Ek=function(R,n,k){if(3==R.length){for(k=0;3>k;k++)n[k]+=R[k];for(k=[(R=0,13),8,13,12,16,5,3,10,15];9>R;R++)n[3](n,R%3,k[R])}},u=function(R,n){if(R.L)return Zn(R,R.N);return n=L(8,R,true),n&128&&(n^=128,R=L(2,R,true),n=(n<<2)+(R|0)),n},KX=function(R,n){return R[n]<<24|R[(n|0)+1]<<16|R[(n|0)+2]<<8|R[(n|0)+3]},we=function(R,n,k,q,c,y,e,K){return(c=d[n.I]((k=[-2,42,-72,-(y=va,46),-26,-71,k,61,(K=q&7,9),2],n.MJ)),c)[n.I]=function(N){e=N,K+=6+7*q,K&=7},c.concat=function(N){return(N=(e=(N=+(N=R%16+1,k)[K+59&7]*R*N-N*e- -2440*e+(y()|0)*N+1*R*R*N-2562*R*e-61*R*R*e+K+61*e*e,void 0),k[N]),k[(K+69&7)+(q&2)]=N,k)[K+(q&2)]=42,N},c},V=function(R,n,k){if(278==R||426==R)n.u[R]?n.u[R].concat(k):n.u[R]=h8(n,k);else{if(n.D&&358!=R)return;305==R||421==R||352==R||236==R||408==R?n.u[R]||(n.u[R]=we(R,n,k,54)):n.u[R]=we(R,n,k,113)}358==R&&(n.O=L(32,n,false),n.A=void 0)},P=function(R){return R.L?Zn(R,R.N):L(8,R,true)},B=function(R,n,k,q,c,y){if(n.P.length){(n.S=!(n.S&&0(),0),n).xh=k;try{q=n.s(),n.H=q,n.T=q,n.X=0,c=NX(n,k),y=n.s()-n.H,n.G+=y,y<(R?0:10)||0>=n.g--||(y=Math.floor(y),n.K.push(254>=y?y:254))}finally{n.S=false}return c}},xz=function(R,n,k,q){for(k=(q=u(n),0);0<R;R--)k=k<<8|P(n);V(q,n,k)},I,Pa=function(R,n,k,q){return v(R,(LX((q=v(R,278),R.i&&q<R.B?(V(278,R,R.B),Uk(k,R)):V(278,R,k),n),R),V(278,R,q),15))},Tu=function(R,n,k,q,c){for(c=(q=(k.In=(k.MJ=J8(k.I,(k.v0=(k.NJ=be,CX),k.c0=k[F],{get:function(){return this.concat()}})),d)[k.I](k.MJ,{value:{value:{}}}),[]),0);128>c;c++)q[c]=String.fromCharCode(c);B((C((C(k,(C(k,(p(340,(V((V(305,k,[160,((V(307,(V(327,(V(236,k,(p(59,k,(p(127,k,(p(119,(V(421,k,(V(270,k,(p(87,(p(158,(p(396,k,(p(448,k,(k.on=(p(362,(k.E9=(p((p(250,k,(p(371,(V(15,(p(354,k,(V(352,k,((p(442,k,(p(227,k,(p(103,k,(p(11,k,(p(121,(V(289,(p(173,(V(409,k,(p(275,k,(p(317,(p(375,k,(p(432,((p((p(295,(V(278,k,(k.B0=(k.wE=(k.P0=function(y){this.C=y},k.u=(k.R=void 0,[]),k.F=((k.O=(k.N=void 0,void 0),k.Y=1,k.U=0,(k.Rn=[],k).C=k,c=window.performance||{},k.j=[],(k.J=0,k).T=0,k.B=0,k.S=((k.A=void 0,k.X=void 0,k).i=[],k.H=(k.P=(k.xh=false,[]),k.g=(k.G=0,25),0),k.L=(k.l=void 0,void 0),k.D=false,k.Z=8001,false),k).K=[],null),0),c).timeOrigin||(c.timing||{}).navigationStart||0,0)),V(426,k,0),k),function(y,e,K,N){V((e=v(y,(N=(K=(N=(e=u(y),u(y)),u(y)),v(y,N)),e)),K),y,e in N|0)}),163),k,function(y,e,K,N){!l(y,e,true,false)&&(e=re(y),N=e.Ck,K=e.h,y.C==y||K==y.P0&&N==y)&&(V(e.un,y,K.apply(N,e.o)),y.T=y.s())}),p)(341,k,function(y,e,K,N){if(N=y.Rn.pop()){for(K=P(y);0<K;K--)e=u(y),N[e]=y.u[e];y.u=(N[236]=y.u[236],N[307]=y.u[307],N)}else V(278,y,y.B)}),k),function(y,e){(e=v(y,u(y)),Uk)(e,y.C)}),function(y,e,K,N){(e=v(y,(N=v((K=(N=u((e=u(y),y)),u(y)),y),N),e))==N,V)(K,y,+e)})),k),function(y){xz(4,y)}),function(y,e,K,N,Q,Z){if(!l(y,e,true,true)){if("object"==(y=v((N=(Q=v((e=v((N=(e=(Q=(Z=u(y),u)(y),u(y)),u)(y),y),e),y),Q),v(y,N)),y),Z),qX)(y)){for(K in Z=[],y)Z.push(K);y=Z}for(Z=(e=0<e?e:1,K=y.length,0);Z<K;Z+=e)Q(y.slice(Z,(Z|0)+(e|0)),N)}})),p(193,k,function(y,e,K,N,Q){0!==(Q=v(y,(K=(e=v((N=v(y,(N=(Q=u((K=u(y),y)),e=u(y),u(y)),N)),y),e),v(y.C,K)),Q)),K)&&(N=Ba(e,N,y,1,K,Q),K.addEventListener(Q,N,W),V(270,y,[K,Q,N]))}),687)),k),function(y){sk(y,4)}),k),0),k),function(){}),function(y,e,K,N,Q,Z,w){for(w=(e=(K=(N=u(y),Z=eM(y),Q="",v(y,115)),K.length),0);Z--;)w=((w|0)+(eM(y)|0))%e,Q+=q[K[w]];V(N,y,Q)})),function(y,e,K){K=v((e=(K=(e=u(y),u(y)),0!=v(y,e)),y),K),e&&V(278,y,K)})),function(y,e,K,N,Q){for(K=(e=(N=u(y),eM)(y),0),Q=[];K<e;K++)Q.push(P(y));V(N,y,Q)})),function(y,e,K){(e=u((K=u(y),y)),V)(e,y,""+v(y,K))})),V)(408,k,[0,0,0]),[])),function(y,e,K,N,Q,Z,w,U,h,T,Y,J){function f(b,a){for(;e<b;)T|=P(y)<<e,e+=8;return T>>=(a=T&(e-=b,(1<<b)-1),b),a}for(K=(h=(U=(Y=(e=T=(Z=u(y),0),f(3)|0)+1,f(5)),0),[]),Q=0;Q<U;Q++)J=f(1),K.push(J),h+=J?0:1;for(Q=(N=(h=((h|0)-1).toString(2).length,[]),0);Q<U;Q++)K[Q]||(N[Q]=f(h));for(h=0;h<U;h++)K[h]&&(N[h]=u(y));for(w=[];Y--;)w.push(v(y,u(y)));p(Z,y,function(b,a,O,VB,X){for(O=(VB=(X=[],[]),0);O<U;O++){if(a=N[O],!K[O]){for(;a>=X.length;)X.push(u(b));a=X[a]}VB.push(a)}b.L=h8(b,w.slice()),b.N=h8(b,VB)})})),k),{}),k),function(y){al(y,1)}),function(y,e,K){l(y,e,true,false)||(e=u(y),K=u(y),V(K,y,function(N){return eval(N)}(Gu(v(y.C,e)))))})),499),k,function(y){sk(y,3)}),0),k),function(y,e,K,N){K=(N=P((e=u(y),y)),u(y)),V(K,y,v(y,e)>>>N)}),0),function(y,e,K,N){V((e=v(y,(N=v(y,(K=u((N=u(y),y)),N)),K)),K),y,e+N)})),function(y,e){y=(e=u(y),v)(y.C,e),y[0].removeEventListener(y[1],y[2],W)})),k),function(y,e,K,N,Q){V((K=v(y,(N=(Q=v(y,(Q=(N=(K=(e=u(y),u(y)),u(y)),u)(y),Q)),v(y,N)),K)),e),y,Ba(K,N,y,Q))}),k),function(y,e,K){V((K=v(y,(e=(K=u(y),u(y)),K)),K=qX(K),e),y,K)}),0)),S(4))),k),function(y,e,K,N,Q,Z){l(y,e,true,false)||(N=re(y.C),e=N.o,Z=N.Ck,Q=N.h,K=e.length,N=N.un,e=0==K?new Z[Q]:1==K?new Z[Q](e[0]):2==K?new Z[Q](e[0],e[1]):3==K?new Z[Q](e[0],e[1],e[2]):4==K?new Z[Q](e[0],e[1],e[2],e[3]):2(),V(N,y,e))}),function(y,e,K,N){N=u((e=u(y),y)),K=u(y),y.C==y&&(N=v(y,N),K=v(y,K),v(y,e)[N]=K,358==e&&(y.A=void 0,2==N&&(y.O=L(32,y,false),y.A=void 0)))})),function(y){al(y,4)})),[])),k),H),k),2048),k).an=0,0),0]),120),k,k),k),function(y,e,K,N){V((K=v((e=v(y,(N=u((K=u((e=u(y),y)),y)),e)),y),K),N),y,e[K])}),p(472,k,function(y,e,K,N){N=(e=u(y),u)(y),K=u(y),V(K,y,v(y,e)||v(y,N))}),[Rl])),[A,n])),k),[Il,R]),true),k,true)},J8=function(R,n){return d[R](d.prototype,{pop:n,replace:n,length:n,document:n,splice:n,parent:n,stack:n,floor:n,prototype:n,console:n,call:n,propertyIsEnumerable:n})},pX=function(R,n,k,q,c){for(q=(R=R.replace(/\\r\\n/g,"\\n"),n=0,[]),k=0;n<R.length;n++)c=R.charCodeAt(n),128>c?q[k++]=c:(2048>c?q[k++]=c>>6|192:(55296==(c&64512)&&n+1<R.length&&56320==(R.charCodeAt(n+1)&64512)?(c=65536+((c&1023)<<10)+(R.charCodeAt(++n)&1023),q[k++]=c>>18|240,q[k++]=c>>12&63|128):q[k++]=c>>12|224,q[k++]=c>>6&63|128),q[k++]=c&63|128);return q},LX=function(R,n,k,q,c,y){if(!n.R){n.J++;try{for(k=(q=(y=void 0,n).B,0);--R;)try{if((c=void 0,n).L)y=Zn(n,n.L);else{if(k=v(n,278),k>=q)break;y=(c=(V(426,n,k),u(n)),v)(n,c)}(y&&y[ue]&2048?y(n,R):M(n,0,[x,21,c]),l)(n,R,false,false)}catch(e){v(n,409)?M(n,22,e):V(409,n,e)}if(!R){if(n.Lk){n.J--,LX(338687074593,n);return}M(n,0,[x,33])}}catch(e){try{M(n,22,e)}catch(K){r(n,K)}}n.J--}},Zn=function(R,n){return(n=n.create().shift(),R.L.create()).length||R.N.create().length||(R.L=void 0,R.N=void 0),n},Dn=function(R,n,k,q){function c(){}return{invoke:(k=QB((q=void 0,R),function(y){c&&(n&&z(n),q=y,c(),c=void 0)},!!n)[0],function(y,e,K,N){function Q(){q(function(Z){z(function(){y(Z)})},K)}if(!e)return e=k(K),y&&y(e),e;q?Q():(N=c,c=function(){N(),z(Q)})})}},v=function(R,n){if(void 0===(R=R.u[n],R))throw[x,30,n];if(R.value)return R.create();return R.create(1*n*n+42*n+-40),R.prototype},D=function(R,n,k,q){for(k=(q=(R|0)-1,[]);0<=q;q--)k[(R|0)-1-(q|0)]=n>>8*q&255;return k},Uk=function(R,n){V(278,((n.Rn.push(n.u.slice()),n.u)[278]=void 0,n),R)},r=function(R,n){R.R=((R.R?R.R+"~":"E:")+n.message+":"+n.stack).slice(0,2048)},fX=function(R,n,k){return n.W(function(q){k=q},false,R),k},Ba=function(R,n,k,q,c,y){function e(){if(k.C==k){if(k.u){var K=[m,R,n,void 0,c,y,arguments];if(2==q)var N=B(false,(C(k,K),k),false);else if(1==q){var Q=!k.P.length;C(k,K),Q&&B(false,k,false)}else N=ca(k,K);return N}c&&y&&c.removeEventListener(y,e,W)}}return e},S=function(R,n){for(n=[];R--;)n.push(255*Math.random()|0);return n},ca=function(R,n,k,q,c){if(c=n[0],c==g)R.g=25,R.v(n);else if(c==F){q=n[1];try{k=R.R||R.v(n)}catch(y){r(R,y),k=R.R}q(k)}else if(c==jM)R.v(n);else if(c==A)R.v(n);else if(c==Il){try{for(k=0;k<R.j.length;k++)try{q=R.j[k],q[0][q[1]](q[2])}catch(y){}}catch(y){}(0,n[R.j=[],1])(function(y,e){R.W(y,true,e)},function(y){(C((y=!R.P.length,R),[ue]),y)&&B(false,R,true)})}else{if(c==m)return k=n[2],V(126,R,n[6]),V(15,R,k),R.v(n);c==ue?(R.K=[],R.i=[],R.u=null):c==Rl&&"loading"===H.document.readyState&&(R.F=function(y,e){function K(){e||(e=true,y())}H.document.addEventListener("DOMContentLoaded",(e=false,K),W),H.addEventListener("load",K,W)})}},al=function(R,n,k,q){G((k=u(R),q=u(R),q),R,D(n,v(R,k)))},$z=function(R,n){if((R=null,n=H.trustedTypes,!n)||!n.createPolicy)return R;try{R=n.createPolicy("bg",{createHTML:zu,createScript:zu,createScriptURL:zu})}catch(k){H.console&&H.console.error(k.message)}return R},zu=function(R){return R},M=function(R,n,k,q,c,y){if(!R.D){if((k=v(R,(n=(0==(q=((c=void 0,k&&k[0]===x)&&(c=k[2],n=k[1],k=void 0),v)(R,236),q).length&&(y=v(R,426)>>3,q.push(n,y>>8&255,y&255),void 0!=c&&q.push(c&255)),""),k&&(k.message&&(n+=k.message),k.stack&&(n+=":"+k.stack)),307)),3)<k){R.C=(c=(n=pX((k-=((n=n.slice(0,(k|0)-3),n.length)|0)+3,n)),R.C),R);try{G(421,R,D(2,n.length).concat(n),9)}finally{R.C=c}}V(307,R,k)}},H=this||self,t=function(R,n,k){k=this;try{Tu(n,R,this)}catch(q){r(this,q),n(function(c){c(k.R)})}},h8=function(R,n,k){return k=d[R.I](R.In),k[R.I]=function(){return n},k.concat=function(q){n=q},k},W={passive:true,capture:true},re=function(R,n,k,q,c,y){for(q=(c=(n=(k=u((y=R[le]||{},R)),y.un=u(R),y.o=[],R.C==R?(P(R)|0)-1:1),u(R)),0);q<n;q++)y.o.push(u(R));for(y.Ck=v(R,c);n--;)y.o[n]=v(R,y.o[n]);return y.h=v(R,k),y},z=H.requestIdleCallback?function(R){requestIdleCallback(function(){R()},{timeout:4})}:H.setImmediate?function(R){setImmediate(R)}:function(R){setTimeout(R,0)},de=function(R,n){n.push(R[0]<<24|R[1]<<16|R[2]<<8|R[3]),n.push(R[4]<<24|R[5]<<16|R[6]<<8|R[7]),n.push(R[8]<<24|R[9]<<16|R[10]<<8|R[11])},le=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),x=((t.prototype.V="toString",t.prototype.Lk=false,t).prototype.Qy=void 0,{}),g=[],Il=[],jM=[],A=[],m=[],ue=(t.prototype.kh=void 0,[]),F=[],Rl=[],d=(E=((de,function(){})(S),yB,Ek,t.prototype),E.zc=function(){return Math.floor(this.G+(this.s()-this.H))},x.constructor),va=(E.s=(t.prototype.I="create",(E.dE=(E.W=function(R,n,k,q,c){if((k="array"===qX(k)?k:[k],this).R)R(this.R);else try{q=!this.P.length,c=[],C(this,[g,c,k]),C(this,[F,R,c]),n&&!q||B(true,this,n)}catch(y){r(this,y),R(this.R)}},function(R,n,k,q,c,y){for(c=q=0,y=[];q<R.length;q++)for(c+=n,k=k<<n|R[q];7<c;)c-=8,y.push(k>>c&255);return y}),(E.eN=(E.s9=function(R,n,k){return((n=(n^=n<<13,n^=n>>17,(n^n<<5)&k))||(n=1),R)^n},function(R,n,k,q,c){for(q=c=0;c<R.length;c++)q+=R.charCodeAt(c),q+=q<<10,q^=q>>6;return c=new Number((q+=q<<3,q^=q>>11,R=q+(q<<15)>>>0,R&(1<<n)-1)),c[0]=(R>>>n)%k,c}),E.FH=function(){return Math.floor(this.s())},window.performance||{}).now)?function(){return this.B0+window.performance.now()}:function(){return+new Date}),void 0),CX=((t.prototype.v=function(R,n){return n={},va=(R={},function(){return n==R?-40:9}),function(k,q,c,y,e,K,N,Q,Z,w,U,h,T,Y,J){n=(Y=n,R);try{if(h=k[0],h==A){T=k[1];try{for(Q=(y=atob(T),e=[],K=0);Q<y.length;Q++)J=y.charCodeAt(Q),255<J&&(e[K++]=J&255,J>>=8),e[K++]=J;V(358,this,(this.B=(this.i=e,this.i).length<<3,[0,0,0]))}catch(f){M(this,17,f);return}LX(8001,this)}else if(h==g)k[1].push(v(this,307),v(this,421).length,v(this,352).length,v(this,305).length),V(15,this,k[2]),this.u[349]&&Pa(this,8001,v(this,349));else{if(h==F){this.C=(Z=(U=D(2,(v(this,(K=k[2],305)).length|0)+2),this.C),this);try{w=v(this,236),0<w.length&&G(305,this,D(2,w.length).concat(w),10),G(305,this,D(1,this.Y),109),G(305,this,D(1,this[F].length)),y=0,y-=(v(this,305).length|0)+5,y+=v(this,289)&2047,q=v(this,421),4<q.length&&(y-=(q.length|0)+3),0<y&&G(305,this,D(2,y).concat(S(y)),15),4<q.length&&G(305,this,D(2,q.length).concat(q),156)}finally{this.C=Z}if(c=((Q=S(2).concat(v(this,305)),Q[1]=Q[0]^6,Q[3]=Q[1]^U[0],Q)[4]=Q[1]^U[1],this.rE(Q)))c="!"+c;else for(c="",y=0;y<Q.length;y++)N=Q[y][this.V](16),1==N.length&&(N="0"+N),c+=N;return v(this,(v((v((V(307,this,(e=c,K.shift())),this),421).length=K.shift(),this),352).length=K.shift(),305)).length=K.shift(),e}if(h==jM)Pa(this,k[2],k[1]);else if(h==m)return Pa(this,8001,k[1])}}finally{n=Y}}}(),t.prototype).rE=function(R,n,k,q){if(n=window.btoa){for(q=(k=0,"");k<R.length;k+=8192)q+=String.fromCharCode.apply(null,R.slice(k,k+8192));R=n(q).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else R=void 0;return R},/./);(t.prototype.Ax=0,t.prototype).yy=0;var be,Fn=A.pop.bind((t.prototype[Il]=[0,0,1,1,0,1,1],t).prototype[g]),Gu=function(R,n){return(n=$z())&&1===R.eval(n.createScript("1"))?function(k){return n.createScript(k)}:function(k){return""+k}}(((be=J8(t.prototype.I,{get:(CX[t.prototype.V]=Fn,Fn)}),t.prototype).O9=void 0,H));40<(I=H.botguard||(H.botguard={}),I.m)||(I.m=41,I.bg=Dn,I.a=QB),I.bDL_=function(R,n,k){return k=new t(R,n),[function(q){return fX(q,k)}]};}).call(this);'));
}).call(this);
#2 JavaScript::Eval (size: 21675) - SHA256: 287fff56625b7a75c12ff4637ca57b6cd66671bac2c3ae0dfe488e76e628b013
(function() {
    var p = function(R, n, k) {
            k[V(R, n, k), Rl] = 2796
        },
        nX = function(R, n) {
            return R(function(k) {
                k(n)
            }), [function() {
                return n
            }]
        },
        kz = function(R, n, k, q, c) {
            for (n = (q = (c = n[3] | 0, 0), n[2]) | 0; 14 > q; q++) c = c >>> 8 | c << 24, k = k >>> 8 | k << 24, k += R | 0, c += n | 0, k ^= n + 2298, R = R << 3 | R >>> 29, c ^= q + 2298, R ^= k, n = n << 3 | n >>> 29, n ^= c;
            return [R >>> 24 & 255, R >>> 16 & 255, R >>> 8 & 255, R >>> 0 & 255, k >>> 24 & 255, k >>> 16 & 255, k >>> 8 & 255, k >>> 0 & 255]
        },
        E, L = function(R, n, k, q, c, y, e, K, N, Q, Z, w, U, h) {
            if (y = v(n, 278), y >= n.B) throw [x, 31];
            for (c = (K = 0, q = R, Q = y, n.c0.length); 0 < q;) Z = Q % 8, N = 8 - (Z | 0), N = N < q ? N : q, U = Q >> 3, w = n.i[U], k && (e = n, e.A != Q >> 6 && (e.A = Q >> 6, h = v(e, 358), e.l = kz(e.O, [0, 0, h[1], h[2]], e.A)), w ^= n.l[U & c]), K |= (w >> 8 - (Z | 0) - (N | 0) & (1 << N) - 1) << (q | 0) - (N | 0), Q += N, q -= N;
            return V(278, n, (k = K, (y | 0) + (R | 0))), k
        },
        yB = function(R, n, k, q) {
            try {
                q = R[((n | 0) + 2) % 3], R[n] = (R[n] | 0) - (R[((n | 0) + 1) % 3] | 0) - (q | 0) ^ (1 == n ? q << k : q >>> k)
            } catch (c) {
                throw c;
            }
        },
        eM = function(R, n) {
            return n = P(R), n & 128 && (n = n & 127 | P(R) << 7), n
        },
        qX = function(R, n, k) {
            if ((n = typeof R, "object") == n)
                if (R) {
                    if (R instanceof Array) return "array";
                    if (R instanceof Object) return n;
                    if ("[object Window]" == (k = Object.prototype.toString.call(R), k)) return "object";
                    if ("[object Array]" == k || "number" == typeof R.length && "undefined" != typeof R.splice && "undefined" != typeof R.propertyIsEnumerable && !R.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == k || "undefined" != typeof R.call && "undefined" != typeof R.propertyIsEnumerable && !R.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == n && "undefined" == typeof R.call) return "object";
            return n
        },
        C = function(R, n) {
            R.P.splice(0, 0, n)
        },
        G = function(R, n, k, q, c, y) {
            if (n.C == n)
                for (c = v(n, R), 421 == R ? (R = function(e, K, N, Q) {
                        if (c.mm != (Q = ((K = c.length, K) | 0) - 4 >> 3, Q)) {
                            Q = (c.mm = (N = [0, 0, y[1], y[2]], Q), (Q << 3) - 4);
                            try {
                                c.nk = kz(KX(c, Q), N, KX(c, (Q | 0) + 4))
                            } catch (Z) {
                                throw Z;
                            }
                        }
                        c.push(c.nk[K & 7] ^ e)
                    }, y = v(n, 408)) : R = function(e) {
                        c.push(e)
                    }, q && R(q & 255), n = k.length, q = 0; q < n; q++) R(k[q])
        },
        NX = function(R, n, k, q) {
            for (; R.P.length;) {
                k = (R.F = null, R).P.pop();
                try {
                    q = ca(R, k)
                } catch (c) {
                    r(R, c)
                }
                if (n && R.F) {
                    n = R.F, n(function() {
                        B(true, R, true)
                    });
                    break
                }
            }
            return q
        },
        QB = function(R, n, k, q) {
            return (q = I[R.substring(0, 3) + "_"]) ? q(R.substring(3), n, k) : nX(n, R)
        },
        sk = function(R, n, k, q, c) {
            G(((c = (k = u((c = u((q = n & 4, n &= 3, R)), R)), v(R, c)), q) && (c = pX("" + c)), n && G(k, R, D(2, c.length)), k), R, c)
        },
        l = function(R, n, k, q, c, y, e, K, N) {
            if ((R.C = (((K = (y = (N = (c = (e = 0 < (k || R.X++, R).U && R.S && R.xh && 1 >= R.J && !R.L && !R.F && (!k || 1 < R.Z - n) && 0 == document.hidden, 4 == R.X)) || e ? R.s() : R.T, N - R.T), y) >> 14, R).O && (R.O ^= K * (y << 2)), R).Y += K, K || R.C), c) || e) R.X = 0, R.T = N;
            if (!e || N - R.H < R.U - (q ? 255 : k ? 5 : 2)) return false;
            return !((V(278, (q = v(R, (R.Z = n, k ? 426 : 278)), R), R.B), R.P).push([jM, q, k ? n + 1 : n]), R.F = z, 0)
        },
        Ek = function(R, n, k) {
            if (3 == R.length) {
                for (k = 0; 3 > k; k++) n[k] += R[k];
                for (k = [(R = 0, 13), 8, 13, 12, 16, 5, 3, 10, 15]; 9 > R; R++) n[3](n, R % 3, k[R])
            }
        },
        u = function(R, n) {
            if (R.L) return Zn(R, R.N);
            return n = L(8, R, true), n & 128 && (n ^= 128, R = L(2, R, true), n = (n << 2) + (R | 0)), n
        },
        KX = function(R, n) {
            return R[n] << 24 | R[(n | 0) + 1] << 16 | R[(n | 0) + 2] << 8 | R[(n | 0) + 3]
        },
        we = function(R, n, k, q, c, y, e, K) {
            return (c = d[n.I]((k = [-2, 42, -72, -(y = va, 46), -26, -71, k, 61, (K = q & 7, 9), 2], n.MJ)), c)[n.I] = function(N) {
                e = N, K += 6 + 7 * q, K &= 7
            }, c.concat = function(N) {
                return (N = (e = (N = +(N = R % 16 + 1, k)[K + 59 & 7] * R * N - N * e - -2440 * e + (y() | 0) * N + 1 * R * R * N - 2562 * R * e - 61 * R * R * e + K + 61 * e * e, void 0), k[N]), k[(K + 69 & 7) + (q & 2)] = N, k)[K + (q & 2)] = 42, N
            }, c
        },
        V = function(R, n, k) {
            if (278 == R || 426 == R) n.u[R] ? n.u[R].concat(k) : n.u[R] = h8(n, k);
            else {
                if (n.D && 358 != R) return;
                305 == R || 421 == R || 352 == R || 236 == R || 408 == R ? n.u[R] || (n.u[R] = we(R, n, k, 54)) : n.u[R] = we(R, n, k, 113)
            }
            358 == R && (n.O = L(32, n, false), n.A = void 0)
        },
        P = function(R) {
            return R.L ? Zn(R, R.N) : L(8, R, true)
        },
        B = function(R, n, k, q, c, y) {
            if (n.P.length) {
                (n.S = !(n.S && 0(), 0), n).xh = k;
                try {
                    q = n.s(), n.H = q, n.T = q, n.X = 0, c = NX(n, k), y = n.s() - n.H, n.G += y, y < (R ? 0 : 10) || 0 >= n.g-- || (y = Math.floor(y), n.K.push(254 >= y ? y : 254))
                } finally {
                    n.S = false
                }
                return c
            }
        },
        xz = function(R, n, k, q) {
            for (k = (q = u(n), 0); 0 < R; R--) k = k << 8 | P(n);
            V(q, n, k)
        },
        I, Pa = function(R, n, k, q) {
            return v(R, (LX((q = v(R, 278), R.i && q < R.B ? (V(278, R, R.B), Uk(k, R)) : V(278, R, k), n), R), V(278, R, q), 15))
        },
        Tu = function(R, n, k, q, c) {
            for (c = (q = (k.In = (k.MJ = J8(k.I, (k.v0 = (k.NJ = be, CX), k.c0 = k[F], {get: function() {
                        return this.concat()
                    }
                })), d)[k.I](k.MJ, {
                    value: {
                        value: {}
                    }
                }), []), 0); 128 > c; c++) q[c] = String.fromCharCode(c);
            B((C((C(k, (C(k, (p(340, (V((V(305, k, [160, ((V(307, (V(327, (V(236, k, (p(59, k, (p(127, k, (p(119, (V(421, k, (V(270, k, (p(87, (p(158, (p(396, k, (p(448, k, (k.on = (p(362, (k.E9 = (p((p(250, k, (p(371, (V(15, (p(354, k, (V(352, k, ((p(442, k, (p(227, k, (p(103, k, (p(11, k, (p(121, (V(289, (p(173, (V(409, k, (p(275, k, (p(317, (p(375, k, (p(432, ((p((p(295, (V(278, k, (k.B0 = (k.wE = (k.P0 = function(y) {
                this.C = y
            }, k.u = (k.R = void 0, []), k.F = ((k.O = (k.N = void 0, void 0), k.Y = 1, k.U = 0, (k.Rn = [], k).C = k, c = window.performance || {}, k.j = [], (k.J = 0, k).T = 0, k.B = 0, k.S = ((k.A = void 0, k.X = void 0, k).i = [], k.H = (k.P = (k.xh = false, []), k.g = (k.G = 0, 25), 0), k.L = (k.l = void 0, void 0), k.D = false, k.Z = 8001, false), k).K = [], null), 0), c).timeOrigin || (c.timing || {}).navigationStart || 0, 0)), V(426, k, 0), k), function(y, e, K, N) {
                V((e = v(y, (N = (K = (N = (e = u(y), u(y)), u(y)), v(y, N)), e)), K), y, e in N | 0)
            }), 163), k, function(y, e, K, N) {
                !l(y, e, true, false) && (e = re(y), N = e.Ck, K = e.h, y.C == y || K == y.P0 && N == y) && (V(e.un, y, K.apply(N, e.o)), y.T = y.s())
            }), p)(341, k, function(y, e, K, N) {
                if (N = y.Rn.pop()) {
                    for (K = P(y); 0 < K; K--) e = u(y), N[e] = y.u[e];
                    y.u = (N[236] = y.u[236], N[307] = y.u[307], N)
                } else V(278, y, y.B)
            }), k), function(y, e) {
                (e = v(y, u(y)), Uk)(e, y.C)
            }), function(y, e, K, N) {
                (e = v(y, (N = v((K = (N = u((e = u(y), y)), u(y)), y), N), e)) == N, V)(K, y, +e)
            })), k), function(y) {
                xz(4, y)
            }), function(y, e, K, N, Q, Z) {
                if (!l(y, e, true, true)) {
                    if ("object" == (y = v((N = (Q = v((e = v((N = (e = (Q = (Z = u(y), u)(y), u(y)), u)(y), y), e), y), Q), v(y, N)), y), Z), qX)(y)) {
                        for (K in Z = [], y) Z.push(K);
                        y = Z
                    }
                    for (Z = (e = 0 < e ? e : 1, K = y.length, 0); Z < K; Z += e) Q(y.slice(Z, (Z | 0) + (e | 0)), N)
                }
            })), p(193, k, function(y, e, K, N, Q) {
                0 !== (Q = v(y, (K = (e = v((N = v(y, (N = (Q = u((K = u(y), y)), e = u(y), u(y)), N)), y), e), v(y.C, K)), Q)), K) && (N = Ba(e, N, y, 1, K, Q), K.addEventListener(Q, N, W), V(270, y, [K, Q, N]))
            }), 687)), k), function(y) {
                sk(y, 4)
            }), k), 0), k), function() {}), function(y, e, K, N, Q, Z, w) {
                for (w = (e = (K = (N = u(y), Z = eM(y), Q = "", v(y, 115)), K.length), 0); Z--;) w = ((w | 0) + (eM(y) | 0)) % e, Q += q[K[w]];
                V(N, y, Q)
            })), function(y, e, K) {
                K = v((e = (K = (e = u(y), u(y)), 0 != v(y, e)), y), K), e && V(278, y, K)
            })), function(y, e, K, N, Q) {
                for (K = (e = (N = u(y), eM)(y), 0), Q = []; K < e; K++) Q.push(P(y));
                V(N, y, Q)
            })), function(y, e, K) {
                (e = u((K = u(y), y)), V)(e, y, "" + v(y, K))
            })), V)(408, k, [0, 0, 0]), [])), function(y, e, K, N, Q, Z, w, U, h, T, Y, J) {
                function f(b, a) {
                    for (; e < b;) T |= P(y) << e, e += 8;
                    return T >>= (a = T & (e -= b, (1 << b) - 1), b), a
                }
                for (K = (h = (U = (Y = (e = T = (Z = u(y), 0), f(3) | 0) + 1, f(5)), 0), []), Q = 0; Q < U; Q++) J = f(1), K.push(J), h += J ? 0 : 1;
                for (Q = (N = (h = ((h | 0) - 1).toString(2).length, []), 0); Q < U; Q++) K[Q] || (N[Q] = f(h));
                for (h = 0; h < U; h++) K[h] && (N[h] = u(y));
                for (w = []; Y--;) w.push(v(y, u(y)));
                p(Z, y, function(b, a, O, VB, X) {
                    for (O = (VB = (X = [], []), 0); O < U; O++) {
                        if (a = N[O], !K[O]) {
                            for (; a >= X.length;) X.push(u(b));
                            a = X[a]
                        }
                        VB.push(a)
                    }
                    b.L = h8(b, w.slice()), b.N = h8(b, VB)
                })
            })), k), {}), k), function(y) {
                al(y, 1)
            }), function(y, e, K) {
                l(y, e, true, false) || (e = u(y), K = u(y), V(K, y, function(N) {
                    return eval(N)
                }(Gu(v(y.C, e)))))
            })), 499), k, function(y) {
                sk(y, 3)
            }), 0), k), function(y, e, K, N) {
                K = (N = P((e = u(y), y)), u(y)), V(K, y, v(y, e) >>> N)
            }), 0), function(y, e, K, N) {
                V((e = v(y, (N = v(y, (K = u((N = u(y), y)), N)), K)), K), y, e + N)
            })), function(y, e) {
                y = (e = u(y), v)(y.C, e), y[0].removeEventListener(y[1], y[2], W)
            })), k), function(y, e, K, N, Q) {
                V((K = v(y, (N = (Q = v(y, (Q = (N = (K = (e = u(y), u(y)), u(y)), u)(y), Q)), v(y, N)), K)), e), y, Ba(K, N, y, Q))
            }), k), function(y, e, K) {
                V((K = v(y, (e = (K = u(y), u(y)), K)), K = qX(K), e), y, K)
            }), 0)), S(4))), k), function(y, e, K, N, Q, Z) {
                l(y, e, true, false) || (N = re(y.C), e = N.o, Z = N.Ck, Q = N.h, K = e.length, N = N.un, e = 0 == K ? new Z[Q] : 1 == K ? new Z[Q](e[0]) : 2 == K ? new Z[Q](e[0], e[1]) : 3 == K ? new Z[Q](e[0], e[1], e[2]) : 4 == K ? new Z[Q](e[0], e[1], e[2], e[3]) : 2(), V(N, y, e))
            }), function(y, e, K, N) {
                N = u((e = u(y), y)), K = u(y), y.C == y && (N = v(y, N), K = v(y, K), v(y, e)[N] = K, 358 == e && (y.A = void 0, 2 == N && (y.O = L(32, y, false), y.A = void 0)))
            })), function(y) {
                al(y, 4)
            })), [])), k), H), k), 2048), k).an = 0, 0), 0]), 120), k, k), k), function(y, e, K, N) {
                V((K = v((e = v(y, (N = u((K = u((e = u(y), y)), y)), e)), y), K), N), y, e[K])
            }), p(472, k, function(y, e, K, N) {
                N = (e = u(y), u)(y), K = u(y), V(K, y, v(y, e) || v(y, N))
            }), [Rl])), [A, n])), k), [Il, R]), true), k, true)
        },
        J8 = function(R, n) {
            return d[R](d.prototype, {
                pop: n,
                replace: n,
                length: n,
                document: n,
                splice: n,
                parent: n,
                stack: n,
                floor: n,
                prototype: n,
                console: n,
                call: n,
                propertyIsEnumerable: n
            })
        },
        pX = function(R, n, k, q, c) {
            for (q = (R = R.replace(/\r\n/g, "\n"), n = 0, []), k = 0; n < R.length; n++) c = R.charCodeAt(n), 128 > c ? q[k++] = c : (2048 > c ? q[k++] = c >> 6 | 192 : (55296 == (c & 64512) && n + 1 < R.length && 56320 == (R.charCodeAt(n + 1) & 64512) ? (c = 65536 + ((c & 1023) << 10) + (R.charCodeAt(++n) & 1023), q[k++] = c >> 18 | 240, q[k++] = c >> 12 & 63 | 128) : q[k++] = c >> 12 | 224, q[k++] = c >> 6 & 63 | 128), q[k++] = c & 63 | 128);
            return q
        },
        LX = function(R, n, k, q, c, y) {
            if (!n.R) {
                n.J++;
                try {
                    for (k = (q = (y = void 0, n).B, 0); --R;) try {
                        if ((c = void 0, n).L) y = Zn(n, n.L);
                        else {
                            if (k = v(n, 278), k >= q) break;
                            y = (c = (V(426, n, k), u(n)), v)(n, c)
                        }(y && y[ue] & 2048 ? y(n, R) : M(n, 0, [x, 21, c]), l)(n, R, false, false)
                    } catch (e) {
                        v(n, 409) ? M(n, 22, e) : V(409, n, e)
                    }
                    if (!R) {
                        if (n.Lk) {
                            n.J--, LX(338687074593, n);
                            return
                        }
                        M(n, 0, [x, 33])
                    }
                } catch (e) {
                    try {
                        M(n, 22, e)
                    } catch (K) {
                        r(n, K)
                    }
                }
                n.J--
            }
        },
        Zn = function(R, n) {
            return (n = n.create().shift(), R.L.create()).length || R.N.create().length || (R.L = void 0, R.N = void 0), n
        },
        Dn = function(R, n, k, q) {
            function c() {}
            return {
                invoke: (k = QB((q = void 0, R), function(y) {
                    c && (n && z(n), q = y, c(), c = void 0)
                }, !!n)[0], function(y, e, K, N) {
                    function Q() {
                        q(function(Z) {
                            z(function() {
                                y(Z)
                            })
                        }, K)
                    }
                    if (!e) return e = k(K), y && y(e), e;
                    q ? Q() : (N = c, c = function() {
                        N(), z(Q)
                    })
                })
            }
        },
        v = function(R, n) {
            if (void 0 === (R = R.u[n], R)) throw [x, 30, n];
            if (R.value) return R.create();
            return R.create(1 * n * n + 42 * n + -40), R.prototype
        },
        D = function(R, n, k, q) {
            for (k = (q = (R | 0) - 1, []); 0 <= q; q--) k[(R | 0) - 1 - (q | 0)] = n >> 8 * q & 255;
            return k
        },
        Uk = function(R, n) {
            V(278, ((n.Rn.push(n.u.slice()), n.u)[278] = void 0, n), R)
        },
        r = function(R, n) {
            R.R = ((R.R ? R.R + "~" : "E:") + n.message + ":" + n.stack).slice(0, 2048)
        },
        fX = function(R, n, k) {
            return n.W(function(q) {
                k = q
            }, false, R), k
        },
        Ba = function(R, n, k, q, c, y) {
            function e() {
                if (k.C == k) {
                    if (k.u) {
                        var K = [m, R, n, void 0, c, y, arguments];
                        if (2 == q) var N = B(false, (C(k, K), k), false);
                        else if (1 == q) {
                            var Q = !k.P.length;
                            C(k, K), Q && B(false, k, false)
                        } else N = ca(k, K);
                        return N
                    }
                    c && y && c.removeEventListener(y, e, W)
                }
            }
            return e
        },
        S = function(R, n) {
            for (n = []; R--;) n.push(255 * Math.random() | 0);
            return n
        },
        ca = function(R, n, k, q, c) {
            if (c = n[0], c == g) R.g = 25, R.v(n);
            else if (c == F) {
                q = n[1];
                try {
                    k = R.R || R.v(n)
                } catch (y) {
                    r(R, y), k = R.R
                }
                q(k)
            } else if (c == jM) R.v(n);
            else if (c == A) R.v(n);
            else if (c == Il) {
                try {
                    for (k = 0; k < R.j.length; k++) try {
                        q = R.j[k], q[0][q[1]](q[2])
                    } catch (y) {}
                } catch (y) {}(0, n[R.j = [], 1])(function(y, e) {
                    R.W(y, true, e)
                }, function(y) {
                    (C((y = !R.P.length, R), [ue]), y) && B(false, R, true)
                })
            } else {
                if (c == m) return k = n[2], V(126, R, n[6]), V(15, R, k), R.v(n);
                c == ue ? (R.K = [], R.i = [], R.u = null) : c == Rl && "loading" === H.document.readyState && (R.F = function(y, e) {
                    function K() {
                        e || (e = true, y())
                    }
                    H.document.addEventListener("DOMContentLoaded", (e = false, K), W), H.addEventListener("load", K, W)
                })
            }
        },
        al = function(R, n, k, q) {
            G((k = u(R), q = u(R), q), R, D(n, v(R, k)))
        },
        $z = function(R, n) {
            if ((R = null, n = H.trustedTypes, !n) || !n.createPolicy) return R;
            try {
                R = n.createPolicy("bg", {
                    createHTML: zu,
                    createScript: zu,
                    createScriptURL: zu
                })
            } catch (k) {
                H.console && H.console.error(k.message)
            }
            return R
        },
        zu = function(R) {
            return R
        },
        M = function(R, n, k, q, c, y) {
            if (!R.D) {
                if ((k = v(R, (n = (0 == (q = ((c = void 0, k && k[0] === x) && (c = k[2], n = k[1], k = void 0), v)(R, 236), q).length && (y = v(R, 426) >> 3, q.push(n, y >> 8 & 255, y & 255), void 0 != c && q.push(c & 255)), ""), k && (k.message && (n += k.message), k.stack && (n += ":" + k.stack)), 307)), 3) < k) {
                    R.C = (c = (n = pX((k -= ((n = n.slice(0, (k | 0) - 3), n.length) | 0) + 3, n)), R.C), R);
                    try {
                        G(421, R, D(2, n.length).concat(n), 9)
                    } finally {
                        R.C = c
                    }
                }
                V(307, R, k)
            }
        },
        H = this || self,
        t = function(R, n, k) {
            k = this;
            try {
                Tu(n, R, this)
            } catch (q) {
                r(this, q), n(function(c) {
                    c(k.R)
                })
            }
        },
        h8 = function(R, n, k) {
            return k = d[R.I](R.In), k[R.I] = function() {
                return n
            }, k.concat = function(q) {
                n = q
            }, k
        },
        W = {
            passive: true,
            capture: true
        },
        re = function(R, n, k, q, c, y) {
            for (q = (c = (n = (k = u((y = R[le] || {}, R)), y.un = u(R), y.o = [], R.C == R ? (P(R) | 0) - 1 : 1), u(R)), 0); q < n; q++) y.o.push(u(R));
            for (y.Ck = v(R, c); n--;) y.o[n] = v(R, y.o[n]);
            return y.h = v(R, k), y
        },
        z = H.requestIdleCallback ? function(R) {
            requestIdleCallback(function() {
                R()
            }, {
                timeout: 4
            })
        } : H.setImmediate ? function(R) {
            setImmediate(R)
        } : function(R) {
            setTimeout(R, 0)
        },
        de = function(R, n) {
            n.push(R[0] << 24 | R[1] << 16 | R[2] << 8 | R[3]), n.push(R[4] << 24 | R[5] << 16 | R[6] << 8 | R[7]), n.push(R[8] << 24 | R[9] << 16 | R[10] << 8 | R[11])
        },
        le = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        x = ((t.prototype.V = "toString", t.prototype.Lk = false, t).prototype.Qy = void 0, {}),
        g = [],
        Il = [],
        jM = [],
        A = [],
        m = [],
        ue = (t.prototype.kh = void 0, []),
        F = [],
        Rl = [],
        d = (E = ((de, function() {})(S), yB, Ek, t.prototype), E.zc = function() {
            return Math.floor(this.G + (this.s() - this.H))
        }, x.constructor),
        va = (E.s = (t.prototype.I = "create", (E.dE = (E.W = function(R, n, k, q, c) {
            if ((k = "array" === qX(k) ? k : [k], this).R) R(this.R);
            else try {
                q = !this.P.length, c = [], C(this, [g, c, k]), C(this, [F, R, c]), n && !q || B(true, this, n)
            } catch (y) {
                r(this, y), R(this.R)
            }
        }, function(R, n, k, q, c, y) {
            for (c = q = 0, y = []; q < R.length; q++)
                for (c += n, k = k << n | R[q]; 7 < c;) c -= 8, y.push(k >> c & 255);
            return y
        }), (E.eN = (E.s9 = function(R, n, k) {
            return ((n = (n ^= n << 13, n ^= n >> 17, (n ^ n << 5) & k)) || (n = 1), R) ^ n
        }, function(R, n, k, q, c) {
            for (q = c = 0; c < R.length; c++) q += R.charCodeAt(c), q += q << 10, q ^= q >> 6;
            return c = new Number((q += q << 3, q ^= q >> 11, R = q + (q << 15) >>> 0, R & (1 << n) - 1)), c[0] = (R >>> n) % k, c
        }), E.FH = function() {
            return Math.floor(this.s())
        }, window.performance || {}).now) ? function() {
            return this.B0 + window.performance.now()
        } : function() {
            return +new Date
        }), void 0),
        CX = ((t.prototype.v = function(R, n) {
            return n = {}, va = (R = {}, function() {
                    return n == R ? -40 : 9
                }),
                function(k, q, c, y, e, K, N, Q, Z, w, U, h, T, Y, J) {
                    n = (Y = n, R);
                    try {
                        if (h = k[0], h == A) {
                            T = k[1];
                            try {
                                for (Q = (y = atob(T), e = [], K = 0); Q < y.length; Q++) J = y.charCodeAt(Q), 255 < J && (e[K++] = J & 255, J >>= 8), e[K++] = J;
                                V(358, this, (this.B = (this.i = e, this.i).length << 3, [0, 0, 0]))
                            } catch (f) {
                                M(this, 17, f);
                                return
                            }
                            LX(8001, this)
                        } else if (h == g) k[1].push(v(this, 307), v(this, 421).length, v(this, 352).length, v(this, 305).length), V(15, this, k[2]), this.u[349] && Pa(this, 8001, v(this, 349));
                        else {
                            if (h == F) {
                                this.C = (Z = (U = D(2, (v(this, (K = k[2], 305)).length | 0) + 2), this.C), this);
                                try {
                                    w = v(this, 236), 0 < w.length && G(305, this, D(2, w.length).concat(w), 10), G(305, this, D(1, this.Y), 109), G(305, this, D(1, this[F].length)), y = 0, y -= (v(this, 305).length | 0) + 5, y += v(this, 289) & 2047, q = v(this, 421), 4 < q.length && (y -= (q.length | 0) + 3), 0 < y && G(305, this, D(2, y).concat(S(y)), 15), 4 < q.length && G(305, this, D(2, q.length).concat(q), 156)
                                } finally {
                                    this.C = Z
                                }
                                if (c = ((Q = S(2).concat(v(this, 305)), Q[1] = Q[0] ^ 6, Q[3] = Q[1] ^ U[0], Q)[4] = Q[1] ^ U[1], this.rE(Q))) c = "!" + c;
                                else
                                    for (c = "", y = 0; y < Q.length; y++) N = Q[y][this.V](16), 1 == N.length && (N = "0" + N), c += N;
                                return v(this, (v((v((V(307, this, (e = c, K.shift())), this), 421).length = K.shift(), this), 352).length = K.shift(), 305)).length = K.shift(), e
                            }
                            if (h == jM) Pa(this, k[2], k[1]);
                            else if (h == m) return Pa(this, 8001, k[1])
                        }
                    } finally {
                        n = Y
                    }
                }
        }(), t.prototype).rE = function(R, n, k, q) {
            if (n = window.btoa) {
                for (q = (k = 0, ""); k < R.length; k += 8192) q += String.fromCharCode.apply(null, R.slice(k, k + 8192));
                R = n(q).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else R = void 0;
            return R
        }, /./);
    (t.prototype.Ax = 0, t.prototype).yy = 0;
    var be, Fn = A.pop.bind((t.prototype[Il] = [0, 0, 1, 1, 0, 1, 1], t).prototype[g]),
        Gu = function(R, n) {
            return (n = $z()) && 1 === R.eval(n.createScript("1")) ? function(k) {
                return n.createScript(k)
            } : function(k) {
                return "" + k
            }
        }(((be = J8(t.prototype.I, {get: (CX[t.prototype.V] = Fn, Fn)
        }), t.prototype).O9 = void 0, H));
    40 < (I = H.botguard || (H.botguard = {}), I.m) || (I.m = 41, I.bg = Dn, I.a = QB), I.bDL_ = function(R, n, k) {
        return k = new t(R, n), [function(q) {
            return fX(q, k)
        }]
    };
}).call(this);
#3 JavaScript::Eval (size: 22) - SHA256: 9bb0c662c12831d4a6a9d504b2534e28f08b91591da1303a05ad2b3e12a6e49e
0,
function(y) {
    xz(1, y)
}
#4 JavaScript::Eval (size: 64) - SHA256: cc158dc49db31ac40a09769c14f1e96ce12d8ee44ddb54a5321c32cd0536ef78
0,
function(y, e, K) {
    (e = (K = u((e = u(y), y)), y.u[e] && v(y, e)), V)(K, y, e)
}
#5 JavaScript::Eval (size: 22) - SHA256: 2ed176c7f9d5b3c8ca6ccdb0e994b6ddc34944c41fc4db7451fd7a3d27fed6f1
0,
function(y) {
    xz(2, y)
}

Executed Writes (0)


HTTP Transactions (158)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16256
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 09:21:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5938
Cache-Control: max-age=96548
Date: Fri, 02 Dec 2022 09:21:02 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:10:10 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13221
Expires: Fri, 02 Dec 2022 13:01:23 GMT
Date: Fri, 02 Dec 2022 09:21:02 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 09:19:54 GMT
cache-control: public,max-age=3600
age: 68
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: +vfdhDeiwrdz9OsSjtejUoWQZM4Or2bxUhT8iV/vpXUOeVPdUgdXH8wAQ7YZX1fgrOGRRZUVA8H2jMyYSwtDGA==
x-amz-request-id: G9TPNSYFXFVRH5J8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 08:46:38 GMT
age: 2064
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 09:21:02 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 09:08:57 GMT
cache-control: public,max-age=3600
age: 725
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /behold-bataan/pawikan-conservation-center/ HTTP/1.1 
Host: bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         162.240.12.240
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 09:21:02 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://bataan.gov.ph/behold-bataan/pawikan-conservation-center/
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  data
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5940
Cache-Control: max-age=91486
Date: Fri, 02 Dec 2022 09:21:03 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:45:49 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 22WzyrUg0QEClkk6U9D+kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TQU5KDhl4yb0TcSPN/GXWwFWyfg=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14720
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:21:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14720
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:21:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14720
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:21:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14720
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:21:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14720
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:21:04 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 12016
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 41468
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2942
Md5:    b47431190f34eccf0a6efb98e2a32b7d
Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:25:42 GMT
age: 39322
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15495
Md5:    82ea44d6cb116fb1f5752ce9bb87e345
Sha1:   f799dfd89a4f5a452dc837b8616549f578fb4184
Sha256: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yQ2Oc2viJ7EoRW4QSMG30tsGK73zxYQsXKKcWP3vleI0CTBVRfB1Fg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:31:16 GMT
age: 38988
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6752
Md5:    f0fc684e61682c4078a82ee3d901ae52
Sha1:   ea65ad98933ec58afa3fa5c7642491d77db7e6c2
Sha256: 5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 40286
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7334
Md5:    498ab4412ed5cf977bc23e4e870894b0
Sha1:   23753fe8af09ec8ffa10eed4d201a71833885c99
Sha256: 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 41533
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7591
Md5:    d147ccb10bda82b153a596c3c967cd6a
Sha1:   ffd0763f997e71a8c1458523fc17cafe8849dfdf
Sha256: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
                                        
                                            GET /behold-bataan/pawikan-conservation-center/ HTTP/1.1 
Host: bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://www.bataan.gov.ph/wp-json/>; rel="https://api.w.org/", <https://www.bataan.gov.ph/?p=917>; rel=shortlink
vary: Accept-Encoding,User-Agent
x-mod-pagespeed: 1.13.35.2-0
content-encoding: gzip
cache-control: max-age=0, no-cache
content-length: 26731
date: Fri, 02 Dec 2022 09:21:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24775)
Size:   26731
Md5:    311e3ef83def4ea1d95f03f2139201b5
Sha1:   3db2ea9eb9ba19083b9f74d798822525f4a7f8bd
Sha256: 48be6784e71fd870c3c006e442cfd3c42b30328115aefc3eb074cee8cdf4f9a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CCabin%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:21:05 GMT
date: Fri, 02 Dec 2022 09:21:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1601
Md5:    52b4ae5ed8ea9fefd95b0df5059f1258
Sha1:   1dd1d596992fb684e71220d7ce8983f2843944a4
Sha256: e511c1efec99d596b5c3e5cd523ab5f7ba0076601f600fee17a1447f284a61a8
                                        
                                            GET /css?family=Nunito+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CCabin%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:21:05 GMT
date: Fri, 02 Dec 2022 09:21:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884)
Size:   1449
Md5:    25aa7cf0d81f1b88b2c5d699bb4a22d6
Sha1:   b7e592a9d22ff8b166bb5aa02e2477952e2f04f8
Sha256: b1f4d494de615796463c8c628dbc6bfa58083bbe31bb8411879ee8d5cd57411c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 932
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   932
Md5:    b1eb322499f2dbc18499a9a46edd88fd
Sha1:   47213d17cb0eb45bd12ede49ee77e6c384b3664a
Sha256: e3ec4292fd6b24707fe8b93f5d423120dcbc25aa702e7d434749910f947e4060

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/document-embedder-addons-for-elementor/admin/assets/css/main.css?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 18 Oct 2021 14:25:46 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 320
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   320
Md5:    f09e0f18bdc1c580e3925fcb2e01b4ed
Sha1:   12ff949b8e7572c9aaa383e182ba0e8b0a873498
Sha256: 08b1ab2d9967b97b965c767b1bd9125ef6b5d5da10f5a89914938c86eeecb4dc
                                        
                                            GET /wp-content/plugins/ova-dep/assets/css/frontend/ovadep-style.css?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2869
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (314)
Size:   2869
Md5:    c52bd9364bd3d04de576e61e2c348fe3
Sha1:   94f93e48509b9719f74fb360bf4a05efd22e77a5
Sha256: 18eb0ca257284dc54beaf8c8e64c7afe64cd47e43ef271cce20a510546c0375c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-portfolio/assets/css/frontend/ovapor-style.css?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3416
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3416
Md5:    fdfa5f7384a293cc960cde611b1dabf4
Sha1:   414fb04d341b47ae7708aebc19682a002c1137bb
Sha256: 2074bcf1deee9792513ee5e08bcad64a8736db09098cd9e127d603e8f132073a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-portfolio//assets/libs/fancybox-master/dist/jquery.fancybox.min.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: s-maxage=10
content-length: 3096
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12795), with no line terminators
Size:   3096
Md5:    18b46dae08e98971b16123ea48913d23
Sha1:   e0a1aa82445a38538413b488924613c44861c59d
Sha256: 62c06f2ea24cfdf0003164fca05560cc8b5333f6ef312016458e05ecbb7c8f62
                                        
                                            GET /wp-content/plugins/ova_doc/assets/css/frontend/ovadoc-style.css?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1619
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1619
Md5:    ee6b71f0d26a26ff543d508b6f515f94
Sha1:   11921f73f02a6b90c27f0cb486d8ed03f22a0ae1
Sha256: 947651eb0b2323e044cde9fc575251841f497c20c83956e8a5805e53925f64c7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-team/assets/css/frontend/ovateam-style.css?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2656
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (769)
Size:   2656
Md5:    0b92776c3fe71c6e8a8fdf48d2c79e7f
Sha1:   bb90ea41730195d60461baf0d5e746bd121e132c
Sha256: 305eb393dad4176f0a81be6915475c7c7de8a8f0c97b86f74c72c6ac2616a222
                                        
                                            GET /wp-content/plugins/ova-sev/assets/css/frontend/ovasev-style.css?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2156
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2156
Md5:    d93aef423ec901f615a1c461b023a4aa
Sha1:   64660776f121840adf06a09000bbb9b67c2f0f72
Sha256: 586213bac86fd5a5fb59ba0c7bf2f7a9d7525e283ca3210260269b4ff062e49d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-events/assets/css/frontend/event.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10521
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   10521
Md5:    037628e2d68f1bea00aae47cdae8c05d
Sha1:   7a3178b1a996d5224a3161f54d55c4a39d6b3790
Sha256: 904f1ddabb29ec4f50b03611a619ccac3e84ef5e2a6f175d71c9bf0986ac7e6f
                                        
                                            GET /wp-content/themes/egovt/assets/libs/bootstrap/css/bootstrap.min.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 07 Jan 2019 03:58:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22237
date: Fri, 02 Dec 2022 09:21:05 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65324)
Size:   22237
Md5:    23d2daca08004223f200f86058ac338e
Sha1:   c58936e8bdcadd9d8a07093a2b2313c5e8fd9a96
Sha256: 2a0ad94656ea29dbb48ffec7fc40c5f94f380d220276775584e5d55d5e289612
                                        
                                            GET /wp-content/themes/egovt/assets/libs/select2/select2.min.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 21 Nov 2018 02:20:50 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2008
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15274)
Size:   2008
Md5:    3bad61ed7f9eae85246ae53b8dcde0cf
Sha1:   bd55db59343594fe88c4a0b9c795326e64512b77
Sha256: 9df75a65d3175b718a1b37a2bc67e39bf31ab297406a9ade0c1e8076725732b7
                                        
                                            GET /wp-content/themes/egovt/style.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 25 Jul 2021 10:09:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 502
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (359)
Size:   502
Md5:    cbcd64d74db254fa00ea45912ed27c9e
Sha1:   877c14aa1682699d39f46986748236cf8e31d252
Sha256: 8107ac22470eefeb8234e8113cf648d68a96de34e2b45aa5f1f558d66d7af7f3
                                        
                                            GET /wp-content/themes/egovt/assets/libs/linearicons/style.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 17 Aug 2020 02:32:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1651
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1651
Md5:    7ab6a673d5e6fb9ea8e3ee4645c42493
Sha1:   38b4d86ba2ccd02ae25aaacbf3919a2e57c13c3b
Sha256: a4ad682d8cad87cb4d62a15777d23087b90e11b156ba5466e52563f2f17767b4
                                        
                                            GET /wp-content/themes/egovt-child/style.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 06 Jul 2020 05:50:50 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 301
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   301
Md5:    f8ed178277b09ad62ae7f41561f0d7c3
Sha1:   444924364a0d4030eb67356e0e8f4a946b4eca9c
Sha256: 97a577180a2f1457a2975749414df5cb474c1df1b5adb8cc07207082253a906d
                                        
                                            GET /wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:31:24 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 487
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (404)
Size:   487
Md5:    b566374773edb1976c00e88bd8bbe5a2
Sha1:   ccae1c15da77c0bc505538194bab99f533242ac2
Sha256: b40127c7e30f9fe09743cf9493a89cd6752129f31fe468fa15cebdd83d9f0766
                                        
                                            GET /wp-content/uploads/elementor/css/post-6.css?ver=1660871083 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 19 Aug 2022 01:04:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 511
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1259)
Size:   511
Md5:    2d0208f495e9ec59187703b235da6951
Sha1:   9c2c11336670af0cf32838561fbac7ff2461f470
Sha256: 744c1895ec508ce571eccb9dcd89e8218b07b20040adee3b7dcce812c1186b5c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/egovt/assets/libs/elegant_font/ele_style.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 27 Feb 2019 07:06:14 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4517
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6610)
Size:   4517
Md5:    f0f7d96cf38de3c50695d85d0a093abb
Sha1:   e854ac124729b9a57035866031512003976c3158
Sha256: 2a7063dfe3505f652307daa9d02f1e2c225b5bbb15ded2e61941216086f0de7b
                                        
                                            GET /wp-content/plugins/ova-portfolio/assets/js/frontend/ovapor-script.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2230
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2230
Md5:    5c37f9850721100ee81f03ca65b6f634
Sha1:   aaebf40c6e7247294ed6e37a903940dd7f5506fa
Sha256: 26c8f29966d1532e2796378983b62f52b18404b6dce9219b5ff192622cbe15de
                                        
                                            GET /wp-content/themes/egovt/assets/libs/fontawesome/css/v4-shims.min.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 28 Aug 2018 09:26:38 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4212
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26508)
Size:   4212
Md5:    75e1d3627a3b376273c8d9352a3a7cbe
Sha1:   0062247952c661e3ff477f2e67d2cc35a274eab6
Sha256: 3229c6e9fce29ef011abf1fcfa2609b94e78767a7bf89c8e8bef75bca4e17ebe
                                        
                                            GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 05 May 2022 00:41:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2244
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5092), with no line terminators
Size:   2244
Md5:    fadb046ad02dc98892f8a102040a18ee
Sha1:   6fc3072fcbd94c7722145447bd3dc00f2458f8a6
Sha256: 926ee0e9d5a4ec3f859d7d49cf490a6a8f1694fef7df4bcc8de128123cf3eb9b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-917.css?ver=1660876409 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 19 Aug 2022 02:33:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: s-maxage=10
content-length: 266
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (825), with no line terminators
Size:   266
Md5:    e3a7bb5a2014b83453fb5de655b64776
Sha1:   5106b819af16b2cdc84211736af2cae703148eee
Sha256: 6d22bddcfcec8262a88d5079f6e2e639deecef6887ddcdc2c038b78604ebe1c0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Jun 2022 21:39:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1646
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11362)
Size:   1646
Md5:    6abb3ee508ebccd7bfc5b451941b7401
Sha1:   0a5776d4b2b0ec1741f6cdadc546ddffdd53277a
Sha256: 8ef94743ab87617e55d72fd2b7828232cc26183d6d3610d9dc01e675f7d8b6f8
                                        
                                            GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.3 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 19 Aug 2022 01:14:05 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 829
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3432)
Size:   829
Md5:    ced8198d56ecbb539312dfad5e47d0ce
Sha1:   a9562a4832185c4919b9a5eb543515ee84528b60
Sha256: ba645225151f3241f315c483981bf08908a258c9517bf4e7e0b2732fd155254e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4169
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-framework/assets/libs/flaticon/font/flaticon.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1261
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1261
Md5:    311c32cf37c819e52818ac576deb17b3
Sha1:   df7e132c0cc9eccc13ec6bbc171128aad81a6e41
Sha256: 9e2834ef051ef7affeabe42c04770588cd9b5ccf8d4a15f79c9eb4727a23a61a
                                        
                                            GET /wp-content/themes/egovt/assets/libs/jquery-ui/jquery-ui.min.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 05 Jan 2021 06:11:34 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7607
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29135)
Size:   7607
Md5:    c837196ecb9539abdc3d1a1f8018e918
Sha1:   0cefa5b4948cb9cc85b53f1e23add647bda9ee20
Sha256: c9ea7c0c8df4453debbcc78d9c4ab420f5f5a7bca6a930838feb8fdd8cc9257d
                                        
                                            GET /wp-content/plugins/ova-dep/assets/js/script-elementor.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2177
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2177
Md5:    496784f529f4d1a51b35b5bf940bc20a
Sha1:   9587eb70e5d83d991ca2d8282f446ccdbfa271f6
Sha256: 8940a5612854ea09e00d4ecc4907564db7fbab45afa8b10c7ae23c046c1db00f
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 309
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   309
Md5:    0ea43e394ddaae5fdb710dbbc8869e58
Sha1:   3b0c93adc80720236096201db5cc2751e703996d
Sha256: 85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-664.css?ver=1660871652 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 19 Aug 2022 01:14:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1253
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10284), with no line terminators
Size:   1253
Md5:    79ed65cf44aa61ea3e1b93a37da6a2a2
Sha1:   eff14a51700abc4c01976db1a4446cf18b6440da
Sha256: cc5f9782261a9e0821ee63177fef7444a666418f94875bb793cd061547a91ce7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-framework/assets/libs/owl-carousel/assets/owl.carousel.min.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1068
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3184)
Size:   1068
Md5:    8864ff6a1198eecf45821c602593ff9a
Sha1:   c6097cea47ac44fcec94781f2af0110cb677ab0a
Sha256: 19eaae3fdfe574cd1b1cfd78d30633a4527bde9711dde88b467fe43ca854cda5
                                        
                                            GET /wp-content/uploads/elementor/css/post-230.css?ver=1666753966 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 26 Oct 2022 03:12:46 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2087
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14658), with CRLF, LF line terminators
Size:   2087
Md5:    0e4506077c00bae2addc70301c2d982c
Sha1:   368bb0190b7a25c7626deb8d838fb5135d9b91cf
Sha256: 5b21b74fbd0abce05392178c4b1090d6e51eb79f4ad2b6a422710525b299a4e4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-sev/assets/js/script-elementor.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1729
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1729
Md5:    6bcaf760a45047a2bcab680d97754ab9
Sha1:   66e86eccaa49581dd13476724cc419258fb235c4
Sha256: fe079376c164dff235221975bf9680c0aaa4d5cec8eca6be50edddaf38840cf6
                                        
                                            GET /wp-content/plugins/ova-portfolio/assets/js/script-elementor.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1928
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1928
Md5:    ff83c3167837f18f477eaae964472b79
Sha1:   10373294e147b6f26ae2d1b4bc054e126e49c5a5
Sha256: 348d15726f84350eb1c25dfed2d55862304cd5cc76b530914201058c0ab5544d
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2457
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2457
Md5:    27cbbd0a9d7c5ad9402118c4afc36035
Sha1:   7659d08a005f5ecfa6c779e3cda45c30007fd059
Sha256: ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
                                        
                                            GET /wp-content/plugins/ova_doc/assets/js/script-elementor.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1729
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1729
Md5:    6bcaf760a45047a2bcab680d97754ab9
Sha1:   66e86eccaa49581dd13476724cc419258fb235c4
Sha256: fe079376c164dff235221975bf9680c0aaa4d5cec8eca6be50edddaf38840cf6
                                        
                                            GET /wp-content/plugins/ova-framework/assets/libs/prettyphoto/css/prettyPhoto.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2769
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (402)
Size:   2769
Md5:    4f21ec76906e28e1c2194ea84546ed6b
Sha1:   85eacc0202364a6682bd58ee3f6680efc1420c7f
Sha256: 86534570cd150f56233dd6fb56369c299e76d93a751dc233c66d35d512a37179
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5555
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14891)
Size:   5555
Md5:    d9b412d62d7d9059ad76c35f082bc266
Sha1:   4b96ead63fb3cd58fd5d520682e36e91d942ec37
Sha256: c289abedb1b82c051b3f4b740fbc8e50a54ea343c0b4e334ed505d623797b163
                                        
                                            GET /wp-content/themes/egovt/assets/libs/fontawesome/css/all.min.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 28 Aug 2018 09:26:38 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10603
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48464)
Size:   10603
Md5:    031e29f87b257c8850d4bcfecdda66c9
Sha1:   d719d5c4d61a316983089901e8c6018c3fed3896
Sha256: 2d36d53c6c747c6fd49af485131057e4d449c10131321514c2cc1b128adc4d3f
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4229
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26516)
Size:   4229
Md5:    d74abcef3df71d56667a44693f75c454
Sha1:   be993a7b5c88a550ef0dc19c4841f240e41967f8
Sha256: 8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.6.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 19 Aug 2022 00:36:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5315
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25442)
Size:   5315
Md5:    7559da0121e98f7e21071faaf4d8749a
Sha1:   d3d3e42639b915f6c818ee4dd84477fddf87eea7
Sha256: 4bcfb4fb0ffeabb858ee34e88724eb0066efb1cd6c82b7b33965c15aa1d8e6b8
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7052
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7052
Md5:    2a2c987c48fb65bb0e78fa2a37120537
Sha1:   ede7a4d5da37f053251e8b8a33be2a23a660473f
Sha256: 3d3136cdfced0eee9b7766b7a17a591f6fb3ba480e71b8930acbea4db4ab71d1
                                        
                                            GET /wp-content/plugins/ova-events/assets/js/frontend/event.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2256
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2256
Md5:    e01e215c777cdf3f0867fcd5fddfeec7
Sha1:   54703b38531b4d70290b95f93811fa6f9333627a
Sha256: 594e888ac284fe8976cabd959d43ac9c263029a42e3b7a1f6a46a17f24051fb2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/global.css?ver=1660871669 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 19 Aug 2022 01:14:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9567
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50767)
Size:   9567
Md5:    469f18345819c6c632539d07a5cadeb7
Sha1:   caa70c0549637d271acd50adad4b89cdf73b22f0
Sha256: 5f97316c235ac772a4cb033cefa2fe063541f0a95810dfc1b8a3163381c7734e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-team/assets/js/script-elementor.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2217
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2217
Md5:    96cba49a7856dc121900e912b5c0a524
Sha1:   24820ae6bcb7457a4fed8e1bd729f208f63e6cd4
Sha256: 88e80cd7bbd7eb9e6ac8da12c83e82bd22a957fb0b7307e667f13b535b631298

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2164
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1871)
Size:   2164
Md5:    3032fcc6ba11ca091b5a86719f829f47
Sha1:   11cd6415926ec6ba618a8bbcf85dfc3eb28ba10d
Sha256: 0720cd210b757dc72acac3517fed894b350800a02f638efa46e0da6b37dc959b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 13 Jun 2020 18:53:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: s-maxage=10
content-length: 1834
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1834
Md5:    951ae46ca55ec7b0e401e2074bdf8b54
Sha1:   64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
Sha256: fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12869
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   12869
Md5:    d7913fc87c4606f82b4ee77a8d47fc2f
Sha1:   62a54acf7535ae53425b44dadfe5fdabf3d8300a
Sha256: bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12582
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57726)
Size:   12582
Md5:    991d00cd7cb62d50a29295522d554f1f
Sha1:   e128a5238f141e9c4da1979716108d858340fe03
Sha256: b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14104
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   14104
Md5:    2a31973db73ad2289ddce35a11553d8b
Sha1:   02bdde9c570d9d0c9c09c334a86a22bbb1148fb7
Sha256: 1031715d50efa25bc415296463206570a649b31c66d2acc1a693622cbb4a1b91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-framework/assets/css/style-elementor.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 18064
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (367)
Size:   18064
Md5:    3c009ae25c73dd30d96e0097a6591ca9
Sha1:   4220cc5b1e56fe55faa4ba8d72167fcc23e54e80
Sha256: 923a46cb520f0c2470cb4fe8c78113bba23b6d949debe387fb39223aa3de14a6
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1661
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   1661
Md5:    320b86bb1a9ce650a5e3553b2bb1c430
Sha1:   c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
Sha256: c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec
                                        
                                            GET /wp-content/themes/egovt/assets/css/theme.css HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 03 Jun 2021 05:14:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 27075
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (398)
Size:   27075
Md5:    1dbcb68e2e54f745f412be7c340d3a38
Sha1:   48b26903e1ad7d48a6b756c6be193df416c22f40
Sha256: 12f73377a2e97729f6d42370891d5148d0c5e36d08a3cfb1459961c9269969f2
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 30908
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30908
Md5:    9640915738503451aa21181699feab5b
Sha1:   c053eaf36ef0da96619706b3abda326305063bd6
Sha256: f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
                                        
                                            GET /wp-content/plugins/ova-events/assets/js/script-elementor.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3311
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3311
Md5:    d9d39ce9bb6e0e6010bdbcf8074364f1
Sha1:   af239377a0842e59fb52a05698ec0ab6478b5322
Sha256: 8a9d6af14000327031b81f0aab1ca13eb442fb4db8576b7635e523a24fb25a51
                                        
                                            GET /wp-content/themes/egovt/assets/js/script.js HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 03 Jun 2021 03:41:00 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3502
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3502
Md5:    575a000142547d5305299ed37e90feab
Sha1:   c5efaebf6f546e22e46c7e6e70e1692ba6895519
Sha256: a9409f8a5d5ba56799a98f442ca76397a19609d8d50800bcd1edc52d2bdd201d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Jun 2022 21:39:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3688
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5163)
Size:   3688
Md5:    50fb653e21fa661e62822f2dba3b174c
Sha1:   bb6659addce34563639fde4ae902dd11e2fdef54
Sha256: 27fb244e8252b305797c40d4d488705fcd1aa8c8d7aee492671d3351fd8c399a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 12 Apr 2022 15:12:46 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3865
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3865
Md5:    ca0cf10a1d933e4262c732da8f9008c1
Sha1:   d6fdc041e650cf096841671884db8854490dba72
Sha256: fbd145cb64d3185e42b8a3f6fff22b3e4cc3550934b63a4f874c21c44f920702

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3506
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4940)
Size:   3506
Md5:    74344b610fe0fcb1c610df7dd1f1da85
Sha1:   a772d73fa466af79f7087dc5f3dbf74825775f96
Sha256: e3cce40f13c81751c407e05f84107a7f671b907dbefc8ce77328c57bfc40b1aa

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3914
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11760)
Size:   3914
Md5:    b3b756ae23b641be60b9eba0ddc7c3d8
Sha1:   99899b4cd589abe27cc9aeea1ecc0266b8775876
Sha256: 1da4297afc5955b4da0d89cc26246ffd4e2f04e5360467b4a12da5dc7edf9f27

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.3 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 19 Aug 2022 01:14:05 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4161
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8038)
Size:   4161
Md5:    dd1914883197fd6fc44848e429528fab
Sha1:   efe2c7caa3c38f2fd64a333f6e4f2b07bd2a9bcd
Sha256: c0a7d4f39a4183e6a2ec18028964dfd5683d250de2bb9c8e2e9ebd6d4e8aa5b2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 18 Mar 2022 07:48:15 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4013
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7889)
Size:   4013
Md5:    60929e1111c27364ab283114fa8dd499
Sha1:   258caefce6172870e5bcaf30a58ca6e59188f3b8
Sha256: 9333a6cb933a26794e89ef76e578ca3696da23463b69dd398988fedb2e4dd70d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/ova-framework/assets/js/script-elementor.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4335
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   4335
Md5:    e733128df558e234d239d6fc573b82fa
Sha1:   45b953b159505f76a22b73fd96e898a6ab284c39
Sha256: f53216a94ba1049b309abf6430211d540b893446dd91c6e6a21785f5424bd85b
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4313
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12220)
Size:   4313
Md5:    3a3a6aed99826d28c73606021d697ff3
Sha1:   464d576941c84235e9065d0468aa5bd840630a3a
Sha256: 2b9e609792bc5aa920ee08d4b175729819480928a46818192ddb6af5a24fabb7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5397
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13009)
Size:   5397
Md5:    1bbb93306cd382da0185b37b569197e9
Sha1:   d5b09c90edac92aeba3fd20e144d69ae4d9177d7
Sha256: 9cd723a93b37088d916a0720fc864dd55c3ed57595f74ba6b0eda91276cc4311

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-events/assets/libs/calendar/underscore-min.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7162
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16194)
Size:   7162
Md5:    7e0271e95b102409de1af4d16fbb41df
Sha1:   a2423df8e84c1851e65f5286609ba53e897c1e4a
Sha256: abdfb898ba47840dff631d09f9659df3fc68a1ae0074ad925716152164f9ebf8
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6914
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6914
Md5:    7e2b78a6e8a9b90385330755ee1cf3e5
Sha1:   684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
Sha256: 43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7095
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   7095
Md5:    2f4fcc5a628b379672d76b7e91cbdf07
Sha1:   9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
Sha256: a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Jun 2022 21:39:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6965
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24361)
Size:   6965
Md5:    a78c77feb8902624c045a419db8c5ac3
Sha1:   d4de0f75749a1af9fc1b2fc8f2ab6140646e7cd7
Sha256: 8a594ebd5ecac7ddc8d4b9de4248beeb91d5f9aeaf22918585c11f389115f031

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Jun 2022 21:39:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6969
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21186)
Size:   6969
Md5:    3d62cddfebae56586d88a045c7b3040f
Sha1:   d60919266a32e29f41007186205c34057b275266
Sha256: 324cfbdfb4aa5d53a34e06cb4f191a5fcf4e6fa4b6b3d63322781937d1f2f7b3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.6.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 19 Aug 2022 00:36:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9854
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   9854
Md5:    7053bade3ddb09469703e17d45398e86
Sha1:   335968be675a33478b238eae4706729f41e1d45a
Sha256: 14b3c8c3afb6aad1c3c0fffcaa83278422fa3a79719c63669e3fbd3af293102f
                                        
                                            GET /wp-content/plugins/ova-portfolio/assets/libs/isotope/isotope.pkgd.min.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: s-maxage=10
content-length: 11196
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019)
Size:   11196
Md5:    0dd1ef745a22def666a40112f52dccf8
Sha1:   fde9a3fd56bd22b8f3aa5a440c0bea54377a08f1
Sha256: 4f1fc854368601a5c6c998f4b1059db228d3184f8f0fb7281be692e5b45a18fb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10897
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (36560)
Size:   10897
Md5:    01c8b2443d039a1bfcd1636ba1a4ed1e
Sha1:   aa8f6ae060067210f9172204c244e48d925fd7c0
Sha256: 3ead9dd682f597ca6ad784b9c990ee20c6524b267ef54d4bd232ad5eb733a7d5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12071
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32911)
Size:   12071
Md5:    1139f667aac686ad65e64f044ae23683
Sha1:   9c90fa9fcb7fd66880f03e5b6b9a16be8a7937d9
Sha256: b1f53a698deb78cdd82f7aae944458a14b6daa7e70be4ea1148a89cffa55c1c3
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 14 Aug 2022 14:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13358
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40485)
Size:   13358
Md5:    70eb26eb94968dd41f7c219b14a9e237
Sha1:   386f73eac43188bfa6d3914ece7b72732ef6393c
Sha256: 2138442bce1efa4a0fc31ee57fc7ecf5d130f1af77ebe7a0097684ba348159d6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/moment.min.js?ver=2.29.2 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 12 Apr 2022 16:52:22 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 18523
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58023), with no line terminators
Size:   18523
Md5:    0f48c2ccae9163e0051f6a9c5246933b
Sha1:   80b59a11c28e3e9e3b966cb8a014f713df082c19
Sha256: d1ddaa0039c2442bb4de110d30d6a86df7b8a0d22a3813ca2fe96b06175b6552

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/egovt/assets/libs/select2/select2.min.js HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 21 Nov 2018 02:20:50 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20731
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64217), with no line terminators
Size:   20731
Md5:    114c653e345634927f8fea69edc1cfaa
Sha1:   de482cd4514ab02ede1bdb628ed64cf15cf5e28b
Sha256: ff5d2ff703c00aa61ebc25fd982f3f9395376ff78958ceb23805ab6879347bf3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/happy-elementor-addons-pro/assets/js/happy-addons-pro.js?ver=2.4.0 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 19 Aug 2022 00:36:47 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20825
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   20825
Md5:    e6a7c777d12e69f2ca51f48480d844f8
Sha1:   7283edc1c1684c209b7687d4883781904c452f0a
Sha256: 1b83f252289158e3b34d592d4f6c2b9e5c04c5f757616712f2c2ad96322554e8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/egovt/assets/libs/feather.min.js HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 22 Oct 2020 02:31:00 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22004
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (61490)
Size:   22004
Md5:    98daac5988a6acfd469151665803471d
Sha1:   eaa7a3c65f7ec876da7fa26ba2a7155498bbb26a
Sha256: 2801e38bc669197834f7f678a3e79d6af8b0194c7aeaee0d40a6567c762e610c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/egovt/assets/libs/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 23 May 2018 07:24:46 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22000
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65297)
Size:   22000
Md5:    04b071b581f6f58476e880c7bb068a43
Sha1:   81aee23960795503fc697a00c8e1ae3e628bbe2e
Sha256: a1ccdcfabd3353ea59d6e244cc5a183381d69d43cc66dffb723f23d219a0fb53

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ova-portfolio//assets/libs/fancybox-master/dist/jquery.fancybox.min.js?ver=6.0.1 HTTP/1.1 
Host: www.bataan.gov.ph
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bataan.gov.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         162.240.12.240
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 15 Sep 2021 17:24:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: s-maxage=10
content-length: 23343
date: Fri, 02 Dec 2022 09:21:06 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (31972)
Size:   23343
Md5:    a4c84583eb3ee75927a38e0578412fbc
Sha1:   bc8f478eba722530e2ad1a78b7d6b6e6fd8a15b4
Sha256: b1467e3a1d9c52546e81634ae260a760a0f7a622d6371712f90bcb68e0073907
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 136033
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:14:50 GMT
expires: Wed, 29 Nov 2023 22:14:50 GMT
cache-control: public, max-age=31536000
age: 212777
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:21:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 02:44:38 GMT
expires: Wed, 29 Nov 2023 02:44:38 GMT
cache-control: public, max-age=31536000
age: 282989
last-modified: Mon, 09 May 2022 18:31:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17324, version 1.0\012- data
Size:   17324
Md5:    51ca5ce70497b58a8cc96b2b26ce2e19
Sha1:   7eb7e4f38f8ebe09b504f6dcc3226a8de63a9042
Sha256: 6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
                                        
                                            GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:43:01 GMT
expires: Wed, 29 Nov 2023 15:43:01 GMT
cache-control: public, max-age=31536000
age: 236286
last-modified: Mon, 09 May 2022 18:33:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size:   16980
Md5:    8a97f720d330e75ccdbda9ae0e9f5e90
Sha1:   8e4fee916581ab48d385187705667cebc7500afe
Sha256: 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 136012
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:12:20 GMT
expires: Tue, 28 Nov 2023 21:12:20 GMT
cache-control: public, max-age=31536000
age: 302927
last-modified: Mon, 09 May 2022 18:33:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size:   17156
Md5:    7e344afc10a492d516789f072fa6edfd
Sha1:   f38bd0b4e9d0577528f533b8ecd80801a0c6340f
Sha256: c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:42:34 GMT
expires: Thu, 30 Nov 2023 19:42:34 GMT
cache-control: public, max-age=31536000
age: 135513
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size:   15752
Md5:    b20371a6daf29d4a1f2e85dbbf40fb20
Sha1:   0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
Sha256: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
                                        
                                            GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 23:53:10 GMT
expires: Sat, 25 Nov 2023 23:53:10 GMT
cache-control: public, max-age=31536000
age: 552477
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Size:   26100
Md5:    312bcfa92b0b0a09c3f404b2c662a0b6
Sha1:   5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 136012
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bataan.gov.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 136031
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response