r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4500
Expires: Mon, 26 Sep 2022 06:24:07 GMT
Date: Mon, 26 Sep 2022 05:09:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 04:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fxP_0AwF_4yhMR-spIU_ttRIc7rV50oS7pAMoQUFK7z0XhyyfyNs5Q==
Age: 3229
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11627
Expires: Mon, 26 Sep 2022 08:22:54 GMT
Date: Mon, 26 Sep 2022 05:09:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LTxsVAMIr+VZ76r0RRTNiWiLeV6lxy35SBpVl7r16hqptFNn1feoXdrFBmT7O/uBrgs9bhHU8cI=
x-amz-request-id: ZPZ80BK1M84YXJE5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 04:48:34 GMT
age: 1233
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 05:09:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 05:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 05:22:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: r3Jotw4UTuidv5xyZbaM6eaYOvEJVN5kAZnRSJTRrQv2qocj0MaQXA==
Age: 709
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4287
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:08 GMT
Last-Modified: Mon, 26 Sep 2022 03:57:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32065)
Hash 6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:22:45 GMT
expires: Mon, 25 Sep 2023 05:22:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 85583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.46.140101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.46.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oJZAAHVAGP5XZ7VD1VM4CA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vF2a3LDr9oB7XTQvgwtIAUxM71k=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.devexhub.com/ppc-services
103.53.43.17200 OK 249 kB URL HTTP/1.1 www.devexhub.com/ppc-services
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (34434), with CRLF, LF line terminators
Size 249 kB (248809 bytes)
Hash 49ce6fd11475884617ba577a63b51086
fbba0c5c268d8892d067c25e8afbc74bd1cbd3a2
d8fa11b941cc5771ea39e3a72fccb8263bf1d8c8472e4c33d062ad95b971376a
Analyzer Verdict Alert fortinet Malware
GET /ppc-services HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 05:08:59 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=UTF-8
Link: <http://www.devexhub.com/wp-json/>; rel="https://api.w.org/", <http://www.devexhub.com/wp-json/wp/v2/pages/889>; rel="alternate"; type="application/json", <http://www.devexhub.com/?p=889>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: none
X-Server-Cache: true
X-Proxy-Cache: MISS
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 650b6e71248092b05b7f35e8703da4fb
a675c71ea7c50c6a3576eb9626630b0445016d32
122a0ec921f9b9a6b845d4f75df0a4d950f2ce3c34a79cecc67d80962255c1ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:09 GMT
Last-Modified: Mon, 26 Sep 2022 03:59:17 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
polyfill.io/v3/polyfill.min.js?version=3.109.0&features=Array.prototype.find%2CCustomEvent%2CElement.prototype.closest%2CElement.prototype.dataset%2CEvent%2CMutationObserver%2CNodeList.prototype.forEach%2CObject.assign%2CObject.keys%2CString.prototype.endsWith%2CURL%2CURLSearchParams%2CXMLHttpRequest&flags=gated&ver=6.0.2
151.101.193.26200 OK 101 B URL HTTP/2 polyfill.io/v3/polyfill.min.js?version=3.109.0&features=Array.prototype.find%2CCustomEvent%2CElement.prototype.closest%2CElement.prototype.dataset%2CEvent%2CMutationObserver%2CNodeList.prototype.forEach%2CObject.assign%2CObject.keys%2CString.prototype.endsWith%2CURL%2CURLSearchParams%2CXMLHttpRequest&flags=gated&ver=6.0.2
IP 151.101.193.26:0
Hash 62d93342fdf65b194cf154a43e2b61d8
d4bb66f3550b32e864e0acaaa0195cf6ba752f04
e457929cb4608cdef3c3e180d8e71dad05da40d045e84d70e31ed8601bb4f5ec
GET /v3/polyfill.min.js?version=3.109.0&features=Array.prototype.find%2CCustomEvent%2CElement.prototype.closest%2CElement.prototype.dataset%2CEvent%2CMutationObserver%2CNodeList.prototype.forEach%2CObject.assign%2CObject.keys%2CString.prototype.endsWith%2CURL%2CURLSearchParams%2CXMLHttpRequest&flags=gated&ver=6.0.2 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Wed, 21 Sep 2022 18:47:57 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/96.0.0
date: Mon, 26 Sep 2022 05:09:09 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1680, PASS, fastly;desc="Edge time";dur=12
content-length: 101
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92e6cd3d8c8a6ebcea2f6f670492d0a9
b52dc6b05a5d99c0817bda4ff588539ca54d74fb
e9ac862a82be025d95b20186ecdd6814cdd1e9e8bdaf3db342ec79076a5ad8c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3169
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:09 GMT
Last-Modified: Mon, 26 Sep 2022 04:16:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.css
104.17.24.14200 OK 1.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.css
IP 104.17.24.14:0
Hash d07006efff5c8b17361e377529d02dbd
c55b5d1c218c26788ae359494f8baeb0b57faea4
63446e1f575aa9c52a6b9f8e851ddce87862443ebe2e73bf4f897f4dcb38f3c4
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.devexhub.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:09 GMT
content-type: text/css; charset=utf-8
content-length: 1136
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-1288"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4612528
expires: Sat, 16 Sep 2023 05:09:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQ%2Bodr%2Fipg3kr5sOVDOwMvE3oA5lGTrqbKT9XjinWnQm4HyYuwE3v3mFIjoM977SH%2F0yo%2BZTockK2bldtc32Na9kBYi6nWO%2BTKQLwKU7yUjVznO94TcICkeBcWPiM5Ng8tvUz4P7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75097c5fca13b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.css
104.17.24.14200 OK 439 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.css
IP 104.17.24.14:0
Hash 32fcb18855701531fd034b8fc41e048a
b7a4a9c97e09f3f16751dd3bd08c47d40fbca43b
8251c216c17bcc5a7d41eeb9a02ee64084dd9f26c788aea528abb2d804fa06ef
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.devexhub.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:09 GMT
content-type: text/css; charset=utf-8
content-length: 439
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-564"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 287682
expires: Sat, 16 Sep 2023 05:09:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEKPeCmiBDfEoFGzRc4KO1hl0Zw3RE%2FeHFCdGI2nbhHeGLA%2B2NJYOMDgo8riaQuvZCmIyBd8Pk4gBXJuC2072KxQ%2BxcY93P1gUu6q5oiHuLQIuHz4AGozzkiHJOiYYctVQi40Luo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75097c5fda25b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 650b6e71248092b05b7f35e8703da4fb
a675c71ea7c50c6a3576eb9626630b0445016d32
122a0ec921f9b9a6b845d4f75df0a4d950f2ce3c34a79cecc67d80962255c1ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:09 GMT
Last-Modified: Mon, 26 Sep 2022 03:59:17 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (31997)
Hash da09af9c30411ac4ea58fa932c2bcdf1
3021a222be0168efcad5db279a305485935aeff5
19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4
GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7213064
expires: Sat, 16 Sep 2023 05:09:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErI8fR1%2BtbOJCsJ90%2Fsqjqf4kJ%2BFulJEtOgR4BG9RQ4MuBjnm7rD0gPA4G1XNMbQTovMe4jO1R5yEhpNs49z%2FYEL%2BYzggrk0CrnS2KfM7p3qZ8kRo7yzxhpFfvDwSTy5SBvwkxKn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75097c5fd97bb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-158363032-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158363032-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 3c8d46be6bb046650d0f196a0bd69464
61bf47a6ea7c8730e624aee7f12332d4b925fe7d
24506b032e4609f2a03c6eeff1ba1ae8cd35d359d91e84e9233c0d7ebcd68f10
GET /gtag/js?id=UA-158363032-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 05:09:09 GMT
expires: Mon, 26 Sep 2022 05:09:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42264
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_70f101e79c861f465ceb92dbf682dc44.css?ver=1652360718
103.53.43.17302 Found 312 B URL HTTP/1.1 www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_70f101e79c861f465ceb92dbf682dc44.css?ver=1652360718
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 73beea65a34c30f4b87ff8518d588f4b
93593a5de3e62a3b0511cbd81e7671ccf0eee7da
5d808c9232e9b34c1a273b80731cb3e6260b5df821c5cc6e49962b7af1e07476
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_70f101e79c861f465ceb92dbf682dc44.css?ver=1652360718 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:09 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_70f101e79c861f465ceb92dbf682dc44.css?ver=1652360718
Content-Length: 312
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_4a392d0e2841bb06a54c6ff093cb1f19.css?ver=1652360712
103.53.43.17302 Found 312 B URL HTTP/1.1 www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_4a392d0e2841bb06a54c6ff093cb1f19.css?ver=1652360712
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171bb9b31e057af2ba43f63a28dee973
cbc37742e08e45d0826ce7b587e451104f363ebc
2443202d4c3cc6b0aad8d9f8e4a42857bcf86ac20519f531ad83c787cb520d76
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_4a392d0e2841bb06a54c6ff093cb1f19.css?ver=1652360712 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:09 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_4a392d0e2841bb06a54c6ff093cb1f19.css?ver=1652360712
Content-Length: 312
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
use.fontawesome.com/releases/v5.15.3/css/all.css
172.64.133.15200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.3/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (59158)
Hash aceb3a6ac0f0d258934de1db05b1e47f
2ee8889c4cfeeeae8fb8f3435c2cd1600f6e2ca7
40d4625d55527ece707b54abc2bb9d0bf80cd76adfef49760465059f045bbcf1
GET /releases/v5.15.3/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:09 GMT
content-type: text/css
x-amz-id-2: TYKxrmMfOIbFubBL0pFqty72W1urJEn2yRQuBVMOrb8TArMu8pkV3DjKhMpGvYyG2jWA5kJYQus=
x-amz-request-id: X21HJEXKNC9E18MY
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:41:15 GMT
etag: W/"74bab4578692993514e7f882cc15c218"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWyhrGo8nFDRF3I6qwQ6fuvT4Imniojy4Ld7kA5Tcxi%2FGA81c4mqOWpmqfiz2driDoTYovwMYGUU8am7L6MSoweVNsSKJMxw%2Fwy3rGq5CTHVFx7TYxNHxPdNmMwslfWCiZBko3z0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75097c5f7da19b86-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
142.250.74.10200 OK 2.4 kB URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 142.250.74.10:0
Hash 409cfab1a45ecec606226207c8decdba
fb0cc12a3f7bf033c42ea4b96a077d5046263832
d310a952a05e775e7686f1f9a8c7efc9fc3b4fcabe35eb57e8bd3668f7aecfac
GET /css?display=swap&family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 05:09:09 GMT
date: Mon, 26 Sep 2022 05:09:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.3/css/v4-shims.css
172.64.133.15200 OK 4.7 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.3/css/v4-shims.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (26516)
Hash 6e9eea4bf3e72a96b3ccac504981e76b
81f6d9f44a4681e96d3c16aa56c253d3e6140e27
e82054a4b80f58066b39c944471b89b1e3cb86c2fe2bc20119389024b0dd5f4a
GET /releases/v5.15.3/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:09 GMT
content-type: text/css
x-amz-id-2: ezx6+emfoOYRyF1Gi9hPVGb1vE4ME+u7QiMegHRYbQwf6fCJfJXQEExlW3NJ2A5gAw6fkN5Od8w=
x-amz-request-id: X21G38WAB06NW3D8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:41:15 GMT
etag: W/"c55205bce667f5d812354fd1353e7389"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSNhASiCjThkRsJjVJU9SnOInuT71LC3ZaRyn8qUg57zMAPuJhp2X4uVcrIcKXZ1UNfHaXy6h%2BGL0ADCU2ltO90UthyG28U0HVsv3gQaZQwLer5GTeRDWS%2FH4a84znKaKGNnqc8x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75097c5f7da79b86-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7679
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 05:09:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 25372
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=2.5.5
104.18.10.207200 OK 18 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=2.5.5
IP 104.18.10.207:0
File type ASCII text, with very long lines (30837)
Hash 889d970ca81241a925117235c1bca71d
02226cd42024bcbcfdce60636df17aa63473cca8
caf59903acc572958bff16420d6cb6d2584a8884372c9ecfa1eba89c74105edf
GET /font-awesome/4.7.0/css/font-awesome.min.css?ver=2.5.5 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-06-08 14:35:32
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
cdn-requestid: 3399b5ce854889a89b4d9e63354ae037
cdn-cache: HIT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7212149
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75097c5f6b7db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.0.2
172.64.133.15200 OK 24 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.0.2
IP 172.64.133.15:0
File type ASCII text, with very long lines (51030)
Hash d9460eb12578049c582699838d281772
b2d0eaa74dc948cf65464b0b1e007240e792dd9b
34ec6716fd75a475e5d2ae615aff0935849f799517d3824a2a4a2799f2a2d7c9
GET /releases/v5.5.0/css/all.css?ver=6.0.2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:09 GMT
content-type: text/css
x-amz-id-2: 7htWlhF9h8J7biSNI2G5x+7LbMhOzyog2BLy6kFkxO7XPrIOkIsNiLaELAnKKX7qzVvm481rW7w=
x-amz-request-id: BNS7B1QJZG5VSR20
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2280821
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvK1UZOfaga%2F2ZGAXYVm15OIY4Ss%2F%2FO6d55fOqIyCwWc9AqdOmNm%2BeVaGKnle32QCQ8ibn37k3jjCoPlQZzcGGc6p99QtwR9WeUS0xGrmMexkEYypnBkJVi9Xd8YvprIGWXeZuM5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097c5f6e589b21-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?display=swap&family=Josefin+Sans:wght@200;300;400;500;600;700&family=Jost:wght@300;400;500;600;800&display=swap
142.250.74.10200 OK 8.7 kB URL HTTP/2 fonts.googleapis.com/css2?display=swap&family=Josefin+Sans:wght@200;300;400;500;600;700&family=Jost:wght@300;400;500;600;800&display=swap
IP 142.250.74.10:0
Hash bfab4cf96fa83d3b7612006d134e9c16
cfccd4f01ba52588f0f088107f96b7c379d10e48
738371f31ab30604f1505d1292c09fe06c5e9260387442ea80f4f913b71fc3ef
GET /css2?display=swap&family=Josefin+Sans:wght@200;300;400;500;600;700&family=Jost:wght@300;400;500;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 05:09:09 GMT
date: Mon, 26 Sep 2022 05:09:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p7rimTrmOgUnwPuESSKSrsWlzhiSBJYx9h8XIacxP8DUyyvXye2iyg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 26353
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 24763
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_3a80e208073a48f637c2c7bed9c5d610.css?ver=1656651920
103.53.43.17302 Found 312 B URL HTTP/1.1 www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_3a80e208073a48f637c2c7bed9c5d610.css?ver=1656651920
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b45fd07b1387c6f271bb100cd9d945c
782de37bbdd9ddfeb8b26c0cbaed79a798360548
9ce42e8591bbff73e7d85b1c29ef0fd42201f557045e13225ccc7d94ff88119a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_3a80e208073a48f637c2c7bed9c5d610.css?ver=1656651920 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:09 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_3a80e208073a48f637c2c7bed9c5d610.css?ver=1656651920
Content-Length: 312
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.devexhub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.53.43.17302 Found 265 B URL HTTP/1.1 www.devexhub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4c40229917c1850e957cd358fd8475d7
aa67bceee429d6e76078b2f011d2eea39c5abe4e
12e73ff75528e429fc6b74ded0d9af882deaa14d4cb3430c809bd85c1a170485
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:09 GMT
Server: Apache
Location: https://www.devexhub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Content-Length: 265
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.devexhub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
103.53.43.17302 Found 273 B URL HTTP/1.1 www.devexhub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 51ef343e5efa637726b5e60e87f2648d
993629a7ea2db9a651adc44c10cf1704b431928d
07f01b7b42f242fca9aefd0fc66c29a3dd4e6bd89e44803a7abd7578ef24be7c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:09 GMT
Server: Apache
Location: https://www.devexhub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Content-Length: 273
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.devexhub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.53.43.17302 Found 254 B URL HTTP/1.1 www.devexhub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 67cf5bdaac6a57812fca6741ba9a00e7
394eba150be814c0a571df11c57f1db31c8741f7
2c0f0b72f9809c867681929c2c67290b2d3f9351394a5d3a52f8dd2dfcaca5f4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:09 GMT
Server: Apache
Location: https://www.devexhub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Content-Length: 254
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.devexhub.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
103.53.43.17302 Found 293 B URL HTTP/1.1 www.devexhub.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cd78a30bf23b842a3bdb41ff946efd25
46f98b82d570d677fd37e597454b64bc90e09647
a2ba33b1493cb72f0ebf5147d833dab526c8e51ddb84b7ac0aaba9b6d4eae4e7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:09 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
Content-Length: 293
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.devexhub.com/wp-content/cache/autoptimize/js/autoptimize_e04bf2238e94299743eb095e302dedd9.js
103.53.43.17302 Found 288 B URL HTTP/1.1 www.devexhub.com/wp-content/cache/autoptimize/js/autoptimize_e04bf2238e94299743eb095e302dedd9.js
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 08cfa1929e75c8d3866b685fcc837993
d9007c85fdfc55e68f0023b8423410de88b376c7
8c2fbffa393dcc97101177dacc1b647a03e0f5557c83b0a779c73600975f2267
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/js/autoptimize_e04bf2238e94299743eb095e302dedd9.js HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:10 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/cache/autoptimize/js/autoptimize_e04bf2238e94299743eb095e302dedd9.js
Content-Length: 288
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d80bbc6957e0b054c184f66698ac44d5
51e7338f8b57e8779e4a05137dac4e3d152883dc
5e2e1e95a1fe00f7707c3a933b7326544b593941ff0944d24f7721fbb9c6aade
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E2E1E95A1FE00F7707C3A933B7326544B593941FF0944D24F7721FBB9C6AADE"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 26 Sep 2022 11:09:10 GMT
Date: Mon, 26 Sep 2022 05:09:10 GMT
Connection: keep-alive
pro.fontawesome.com/releases/v5.10.0/css/all.css
104.18.23.52200 OK 30 kB URL HTTP/2 pro.fontawesome.com/releases/v5.10.0/css/all.css
IP 104.18.23.52:0
Hash d381dd6f22ac0fd567967447b352f43d
054483317348fd04c4d17180aeb54d0fe682f1bb
b7e2d2fc2f4e83c7cde7637041e20339d0ca57ee9a66e22d0f91f61815ed5d83
GET /releases/v5.10.0/css/all.css HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:10 GMT
content-type: text/css
x-amz-id-2: pzhnEuJgpAjCman8y4ZnwTC3B84Ql2afdja9p/5dL9O+pcfPU4ZKvHb1ZvhKM/H9TkJFhF8lniMwNf3PE9dVkQ==
x-amz-request-id: X21ZTNAV9HFNA7C7
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
etag: W/"aa1272633e7e552395d147a499bad186"
cache-control: max-age=31556926
cf-cache-status: MISS
server: cloudflare
cf-ray: 75097c5fce16b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_4a392d0e2841bb06a54c6ff093cb1f19.css?ver=1652360712
103.53.43.17200 OK 347 B URL HTTP/2 www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_4a392d0e2841bb06a54c6ff093cb1f19.css?ver=1652360712
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1103), with no line terminators
Hash c51978c4e54d49c67872d1ec8f636a7d
bd2b3faf008a42bbdad60b62f704863a149e4540
01dd745a14f9ff23965242f2e9593d8289632481ccf736e5947e3fa86d3ae024
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_4a392d0e2841bb06a54c6ff093cb1f19.css?ver=1652360712 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 05:58:14 GMT
accept-ranges: none
cache-control: max-age=30672000, public, immutable
expires: Sat, 16 Sep 2023 05:09:10 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 347
content-type: text/css
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.devexhub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.53.43.17200 OK 8.3 kB URL HTTP/2 www.devexhub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 05:24:26 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 8254
content-type: application/javascript
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
103.53.43.17200 OK 4.6 kB URL HTTP/2 www.devexhub.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7862)
Hash 8846ff14a06fcf1ff3e1ba18d0f7ffe0
6948b345a269912abd8e34126f2fc315bff00812
772a5731cedcc335f614ef06b6bf8eb7beb3e33ece584d7885c054cd2ed0bcc6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 12 May 2022 13:04:46 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 4573
content-type: application/javascript
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.devexhub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
103.53.43.17200 OK 2.7 kB URL HTTP/2 www.devexhub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 05:24:26 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_70f101e79c861f465ceb92dbf682dc44.css?ver=1652360718
103.53.43.17200 OK 2.5 kB URL HTTP/2 www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_70f101e79c861f465ceb92dbf682dc44.css?ver=1652360718
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (21417), with no line terminators
Hash 0c8c405cafa52fd806a4429ab7cca124
9758478c01cc1892a2e2ca03a6824d413c310cbb
333c26c7279ab5ace1c956de96e8dd63c02328ec6389367c496011a3986d5ad4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_70f101e79c861f465ceb92dbf682dc44.css?ver=1652360718 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 05:58:14 GMT
accept-ranges: none
cache-control: max-age=30672000, public, immutable
expires: Sat, 16 Sep 2023 05:09:10 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2461
content-type: text/css
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_3a80e208073a48f637c2c7bed9c5d610.css?ver=1656651920
103.53.43.17200 OK 726 B URL HTTP/2 www.devexhub.com/wp-content/cache/autoptimize/css/autoptimize_single_3a80e208073a48f637c2c7bed9c5d610.css?ver=1656651920
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3361), with no line terminators
Hash 9da3b6e4faa2a8087002ce4a796f6ae6
97234a9298923c403e3de73d49859c85a256e173
f7b424015208418d6a23ad00ed16c2066d60276b50787d56124a1891ea924438
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_3a80e208073a48f637c2c7bed9c5d610.css?ver=1656651920 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 06:03:58 GMT
accept-ranges: none
cache-control: max-age=30672000, public, immutable
expires: Sat, 16 Sep 2023 05:09:10 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 726
content-type: text/css
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
142.250.74.163200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 26592, version 1.0\012- data
Hash c2d66029cf6ae68a19e1398fc02feda6
c37e5907e49d2ed5b11f59841a3d16c911da7a5c
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
GET /s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 02:33:13 GMT
expires: Tue, 26 Sep 2023 02:33:13 GMT
cache-control: public, max-age=31536000
age: 9358
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
142.250.74.163200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 26304, version 1.0\012- data
Hash 29404b5009a74d47f2a7923da5741fd5
c8c7a68af3f7e4f92d932203efda0c38e4d170ab
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
GET /s/jost/v14/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 02:52:26 GMT
expires: Tue, 26 Sep 2023 02:52:26 GMT
cache-control: public, max-age=31536000
age: 8205
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 380103
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3430.6744684136406!2d76.69037331509092!3d30.69943399428775!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x390fec126dd417d1%3A0xdbd3526b6a992104!2sDevex%20Hub!5e0!3m2!1sen!2sin!4v1609234000453!5m2!1sen!2sin
142.250.74.164200 OK 1.8 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3430.6744684136406!2d76.69037331509092!3d30.69943399428775!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x390fec126dd417d1%3A0xdbd3526b6a992104!2sDevex%20Hub!5e0!3m2!1sen!2sin!4v1609234000453!5m2!1sen!2sin
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3618)
Hash 299f8d5a646220e451e3ac8f1af385a3
815710a30b1bbced2214b4822548c225396d283e
0f7354f1dbbf3825a7571c57f6210903e4130d1973644de7153ce1c7bc85c684
GET /maps/embed?pb=!1m18!1m12!1m3!1d3430.6744684136406!2d76.69037331509092!3d30.69943399428775!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x390fec126dd417d1%3A0xdbd3526b6a992104!2sDevex%20Hub!5e0!3m2!1sen!2sin!4v1609234000453!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 05:09:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-UgPevk5RwajXP7n5V9ESkA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1792
x-xss-protection: 0
server-timing: gfet4t7; dur=134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.devexhub.com/wp-content/themes/zakra/img/bubble-bg.gif
103.53.43.17302 Found 250 B URL HTTP/1.1 www.devexhub.com/wp-content/themes/zakra/img/bubble-bg.gif
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6dc57ce001e053ec6627410d518c4ad2
9a50e303440103709dfc116459da41c1eb7a8030
e1371fb46cae96b6d78b4f317330010aa447f68f45b7e779c911bce386025b75
GET /wp-content/themes/zakra/img/bubble-bg.gif HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:11 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/themes/zakra/img/bubble-bg.gif
Content-Length: 250
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
103.53.43.17302 Found 301 B URL HTTP/1.1 www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b644055275824df6852c76f43819862c
d236115c7c40fd694681b26030c3e8693b8336d5
e21e51653753fac289ae499ca88a1aa1df3005caef22b1c71037ccaa2a2a2179
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:11 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
Content-Length: 301
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
use.fontawesome.com/releases/v5.15.3/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 78 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.3/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
GET /releases/v5.15.3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:11 GMT
content-type: font/woff2
content-length: 78196
x-amz-id-2: lQSQ2i3ldsT5OjCYENgVIJCzYE1X6lXPGl3Xbz3mFGfGJYkmSEQ44aXYwA/6SUvPIRVxn/U+3ZQ=
x-amz-request-id: FQF972ZSQQZ75W4G
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:41:36 GMT
etag: "e8a427e15cc502bef99cfd722b37ea98"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flEKlz3sPC2J92d75O7JX%2FfcJQkb9mQZLS5%2FPi97Zmknb8PNgGZMs2FnBvazQ2xv%2FrZoRybUxajFmUHr%2BWWdTsFP7Ly0u01%2FA4QNZk85Eayv81kgxehb6jy4t5%2BxbS%2FC5jlSJaz1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75097c6a28379b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.3/webfonts/fa-brands-400.woff2
172.64.133.15200 OK 77 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.3/webfonts/fa-brands-400.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
GET /releases/v5.15.3/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:11 GMT
content-type: font/woff2
content-length: 76764
x-amz-id-2: 6UJxzjX7hAMk9FKy2U7MCRVK+qOtB0IWKjKW3DBfZr8QqNLrD1qXPCC7wpbDHxH0bimXc4/iE4Y=
x-amz-request-id: FQF79TDE627ZTB2F
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:41:36 GMT
etag: "f7307680c7fe85959f3ecf122493ea7d"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj9orRsG9FkDTXz9mzZuAPbK%2BZADpkqAPqXzbXQV43rDFfEWMtQMsJPJlLdNLghprxpFDu%2BR4GH%2BV2zrVF%2FrF2OHoo1VAkW8niNgHD4Dpf4df0jY3gCsrssdM7S1Iefcmm4w1j4B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75097c6a48959b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/uploads/2021/01/cropped-logo.png
103.53.43.17200 OK 12 kB URL HTTP/1.1 www.devexhub.com/wp-content/uploads/2021/01/cropped-logo.png
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 416 x 464, 8-bit/color RGBA, non-interlaced\012- data
Hash 1be3415db54c2d27bce6c99216e861eb
55587e0ec7701b7021b2cbe854a9fad12a4b931c
2d77284cd6b4e0c222157caf3cdeb2236b5ad2ca4c43dd40901a2c3d8a8d1ec6
GET /wp-content/uploads/2021/01/cropped-logo.png HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 05:09:11 GMT
Server: Apache
Last-Modified: Fri, 25 Jun 2021 13:18:42 GMT
Accept-Ranges: bytes
Content-Length: 11509
Content-Type: image/png
pro.fontawesome.com/releases/v5.10.0/webfonts/fa-brands-400.woff2
104.18.23.52200 OK 75 kB URL HTTP/2 pro.fontawesome.com/releases/v5.10.0/webfonts/fa-brands-400.woff2
IP 104.18.23.52:0
File type Web Open Font Format (Version 2), TrueType, length 74668, version 330.15728\012- data
Hash 2de2a530b2c689d8dc9548acfcf670a1
46f0568e726dd22473628ca81933ea7ff079e735
03a811b7e81f930c938141ba6c0a439f59acfe1a3c4a6768b7901741a32b459e
GET /releases/v5.10.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: https://pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:11 GMT
content-type: font/woff2
content-length: 74668
x-amz-id-2: TGczFIBDtlE4m0Gl6Yev4tntdDhSm07xjjiT+qxZEVBqxTOo/b5sKEwG0703brRqrIw4Hb0hllC1lsT3TJnW5A==
x-amz-request-id: FQF40V11H1SBK2C9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
etag: "2de2a530b2c689d8dc9548acfcf670a1"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 75097c6abf45b50b-OSL
X-Firefox-Spdy: h2
pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
104.18.23.52200 OK 123 kB URL HTTP/2 pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
IP 104.18.23.52:0
File type Web Open Font Format (Version 2), TrueType, length 123004, version 330.15728\012- data
Size 123 kB (123004 bytes)
Hash 88fd444847dc842d15e229df26571b03
bde84da4343e573a148af56adde21bddf74bb2a6
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
GET /releases/v5.10.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: https://pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:12 GMT
content-type: font/woff2
content-length: 123004
x-amz-id-2: j4L7twC6EW/qIJObawK0+zHTvVAW1EdHdeqJlP2k5tSXRO6rDP5FMuKEVZVUFs/mqS4YsxlkQ+Y=
x-amz-request-id: FQF48YFCHV9EKNWV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
etag: "88fd444847dc842d15e229df26571b03"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 75097c6abf40b50b-OSL
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/uploads/2022/05/ppc-768x526.jpg
103.53.43.17200 OK 40 kB URL HTTP/1.1 www.devexhub.com/wp-content/uploads/2022/05/ppc-768x526.jpg
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Pay Per Click Concept. Tiny Characters at Huge Computer Desktop with Cursor Clicking on Ad Button. Ppc Business, Cpc Advertisin], baseline, precision 8, 768x526, components 3\012- data
Hash 40cef67c50d128d83787a9bce87e8ccd
9046cf3a7d3885671516ab8ba30242cc8ff694a8
e076a85dea6ecc1048fee3ee47018f95316e609cfcf1d21cd7864f41d29b2d01
GET /wp-content/uploads/2022/05/ppc-768x526.jpg HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 05:09:11 GMT
Server: Apache
Last-Modified: Fri, 06 May 2022 05:20:49 GMT
Accept-Ranges: bytes
Content-Length: 40412
Content-Type: image/jpeg
www.devexhub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.53.43.17200 OK 41 kB URL HTTP/2 www.devexhub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash ce8480baf0328fd4d682d538d1847204
b22e169a764b2362182b040e1ec3777826dbc289
a023fd98fe712244e0bd9fdbc4216ee7b68536150b6ca2268c1c2e6d4b5e04c2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Apr 2022 16:31:48 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/themes/zakra/img/bubble-bg.gif
103.53.43.17200 OK 240 kB URL HTTP/2 www.devexhub.com/wp-content/themes/zakra/img/bubble-bg.gif
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 1600 x 650\012- data
Size 240 kB (240402 bytes)
Hash 39a1027214f2c43f98ec0dfa81395f17
f511a23ff5933c261e31cbfa1af8fdac759c9535
4812f5eded0edd189c78493294251a6a44eeb4e797387c0adb5fb9c91ccf35d3
GET /wp-content/themes/zakra/img/bubble-bg.gif HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Jan 2021 18:04:18 GMT
accept-ranges: bytes
content-length: 240402
content-type: image/gif
date: Mon, 26 Sep 2022 05:09:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
103.53.43.17200 OK 1.3 kB URL HTTP/2 www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 1320, version 1.0\012- data
Hash 26a09c1dc7fd18341da6c6cde110e123
d8710ef9efffc5a97bc62e3f9f1e98b779b07cd4
b84099a6f7f94d98d7e0f52cf017c2a1cc0b2a9aa1d3f542f8e1379a8bc83a99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.devexhub.com
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Dec 2020 17:01:40 GMT
accept-ranges: bytes
content-length: 1320
content-type: font/woff2
date: Mon, 26 Sep 2022 05:09:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 04:41:09 GMT
expires: Mon, 26 Sep 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 1683
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3009576.js?sv=6
143.204.55.37200 OK 2.1 kB URL HTTP/2 static.hotjar.com/c/hotjar-3009576.js?sv=6
IP 143.204.55.37:0
File type ASCII text, with very long lines (3790)
Hash 4aa8d178a16e2aa925dbe228363baf57
6636c07e5dd29d2e82572c61766c94c778843f71
d28789a1f51de31431528e761f1d510bf28ff44623a200fc7665f4a5159b693e
GET /c/hotjar-3009576.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 26 Sep 2022 05:09:12 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/63b8d7062694047f8af5caca6826f232
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NRjAMaKBoxz7Ftml92bZOscurYvYQ9QDVFHw5yXNVUgsUhHgkv7ktg==
X-Firefox-Spdy: h2
www.clarity.ms/tag/dc5r28gn29?ref=bwt
13.107.213.53200 OK 1.4 kB URL HTTP/2 www.clarity.ms/tag/dc5r28gn29?ref=bwt
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1363), with no line terminators
Hash 1aaa6a3db309c00957ff921b1bf9be30
7c180efef337b24ad1f5f3ccc497b3fdd80d2d68
3b95169a5fce97c7d0271da8229998144f57933fbb92e20e927dc780b12f9cc9
GET /tag/dc5r28gn29?ref=bwt HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1363
content-type: application/x-javascript
expires: -1
set-cookie: CLID=ffacc0b338f7404583720857f42b542f.20220926.20230926; expires=Tue, 26 Sep 2023 05:09:12 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+DMxYwAAAAA6a4qAwNaJTaKeanXE1/gOQU1TMDRFREdFMTkyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 26 Sep 2022 05:09:12 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff?5d42b271f668d2d6461ba91fc5a5a839
103.53.43.17302 Found 300 B URL HTTP/1.1 www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff?5d42b271f668d2d6461ba91fc5a5a839
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 607a87cc0a4559c5f5c9625b9ae01e34
1df68d24615846be2a769648b281263694be01d7
b31336c3709c140a0ec8d933b162614d85c816eda76e8f91f7b0e594ca3303e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/zakra/assets/fonts/themegrill-icons.woff?5d42b271f668d2d6461ba91fc5a5a839 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.devexhub.com/ppc-services
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 05:09:12 GMT
Server: Apache
Location: https://www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff?5d42b271f668d2d6461ba91fc5a5a839
Content-Length: 300
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-158363032-1&cid=603462552.1664168951&jid=1900365884&gjid=482714936&_gid=164815682.1664168951&_u=YEBAAUAAAAAAAC~&z=227083496
64.233.162.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-158363032-1&cid=603462552.1664168951&jid=1900365884&gjid=482714936&_gid=164815682.1664168951&_u=YEBAAUAAAAAAAC~&z=227083496
IP 64.233.162.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-158363032-1&cid=603462552.1664168951&jid=1900365884&gjid=482714936&_gid=164815682.1664168951&_u=YEBAAUAAAAAAAC~&z=227083496 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.devexhub.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Sep 2022 05:09:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/uploads/2021/07/cropped-logo.ico
103.53.43.17200 OK 1.2 kB URL HTTP/2 www.devexhub.com/wp-content/uploads/2021/07/cropped-logo.ico
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 097961fc4c657d9dd6cfc061d67a8322
8ec899dd9d9d5a8c5e645c58e865845e81fa353d
b8ba3f6aa41be55d495be554fdfa42d2d94fe8c66ed2ca3240bd414a39706659
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/07/cropped-logo.ico HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:09:12 GMT
server: Apache
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 23 Jul 2021 07:31:02 GMT
cache-control: max-age=604800
expires: Mon, 03 Oct 2022 05:09:12 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff?5d42b271f668d2d6461ba91fc5a5a839
103.53.43.17200 OK 1.7 kB URL HTTP/2 www.devexhub.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff?5d42b271f668d2d6461ba91fc5a5a839
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 1748, version 1.0\012- data
Hash 02af1dfcf1adec0630f97dab36e9a37c
ee9139b90424493f610532004db135de3f3f00f9
a924ce617289f182da44549239bebc56fa22e8dc2c44da62ac5184006ea32347
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/zakra/assets/fonts/themegrill-icons.woff?5d42b271f668d2d6461ba91fc5a5a839 HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.devexhub.com
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Dec 2020 17:01:40 GMT
accept-ranges: bytes
content-length: 1748
content-type: font/woff
date: Mon, 26 Sep 2022 05:09:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.41/clarity.js
13.107.213.53200 OK 24 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.41/clarity.js
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54809)
Hash 1a7d206cf77e52160f7d49ab1c167fe5
08d824c483c1a2428bdc4e583d61a5ca8d1afb74
5404eb1ed3f4542d873f4e0610572ad480353446ea8e6f7e2bb76034cf051652
GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ccdebe9ad570"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+TMxYwAAAADBl25m5RdMRquQdYHvXX0JQU1TMDRFREdFMTkyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 26 Sep 2022 05:09:12 GMT
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=8201C7C2FF42482B908614C31411E709&RedC=c.clarity.ms&MXFR=3A6A263CDD3F65EA35B83417D93F6B4B
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=8201C7C2FF42482B908614C31411E709&RedC=c.clarity.ms&MXFR=3A6A263CDD3F65EA35B83417D93F6B4B
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=8201C7C2FF42482B908614C31411E709&RedC=c.clarity.ms&MXFR=3A6A263CDD3F65EA35B83417D93F6B4B HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=8201C7C2FF42482B908614C31411E709&MUID=1DD5074FDF366A7702531564DEC36B60
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1DD5074FDF366A7702531564DEC36B60; domain=c.bing.com; expires=Sat, 21-Oct-2023 05:09:13 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE8B3F1249BC4D0DBEF336B0083DB2D7 Ref B: OSL30EDGE0515 Ref C: 2022-09-26T05:09:13Z
date: Mon, 26 Sep 2022 05:09:13 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=8201C7C2FF42482B908614C31411E709&MUID=1DD5074FDF366A7702531564DEC36B60
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=8201C7C2FF42482B908614C31411E709&MUID=1DD5074FDF366A7702531564DEC36B60
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=8201C7C2FF42482B908614C31411E709&MUID=1DD5074FDF366A7702531564DEC36B60 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 26-Sep-2022 05:19:13 GMT; path=/; SameSite=None; Secure;
date: Mon, 26 Sep 2022 05:09:13 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1052
Origin: http://www.devexhub.com
Connection: keep-alive
Referer: http://www.devexhub.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://www.devexhub.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Mon, 26 Sep 2022 05:09:12 GMT
X-Firefox-Spdy: h2
www.devexhub.com/wp-content/cache/autoptimize/js/autoptimize_e04bf2238e94299743eb095e302dedd9.js
103.53.43.17200 OK 286 kB URL HTTP/2 www.devexhub.com/wp-content/cache/autoptimize/js/autoptimize_e04bf2238e94299743eb095e302dedd9.js
IP 103.53.43.17:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32019)
Size 286 kB (285664 bytes)
Hash f6a835b9bf599138c99314d8de58ffc5
d6028a8755e12b675956e6476370d5f0766abe46
81b21d5bdbdb3fd24da2270fe32d19ef39091d47e76d05715e8b5da083dda8a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/js/autoptimize_e04bf2238e94299743eb095e302dedd9.js HTTP/1.1
Host: www.devexhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.devexhub.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 06:03:58 GMT
accept-ranges: none
cache-control: max-age=30672000, public, immutable
expires: Sat, 16 Sep 2023 05:09:10 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 26 Sep 2022 05:09:10 GMT
server: Apache
X-Firefox-Spdy: h2