Overview

URL: mpatriotestogolais.org/tau/index.php?qbot.zip
IP: 69.162.134.162 (United States)
ASN: #394303 BIGSCOOTS
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-18 19:44:47 UTC
IDS alerts: 0
Blocklist alerts: 387
urlquery alerts: No alerts detected
Tags: None

Domain Summary (19)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
cdnjs.cloudflare.com (3) 235 2015-04-17 20:46:33 UTC 2022-11-18 07:25:36 UTC 104.17.25.14
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-18 08:58:13 UTC 142.250.74.164
use.fontawesome.com (3) 942 2018-09-18 10:26:26 UTC 2020-03-18 00:09:30 UTC 172.64.133.15
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-18 14:58:55 UTC 142.250.74.10
translate.google.com (1) 1156 2012-05-30 01:30:32 UTC 2020-04-26 20:04:42 UTC 142.250.74.46
mpatriotestogolais.org (150) 0 2019-11-13 06:25:22 UTC 2022-11-18 19:44:22 UTC 69.162.134.162 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-18 05:29:52 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.17.90
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-11-18 14:58:55 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-18 05:46:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-18 05:27:45 UTC 34.117.237.239
translate.googleapis.com (1) 1005 2014-07-21 13:19:59 UTC 2022-11-18 15:14:27 UTC 142.250.74.138
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-18 2 mpatriotestogolais.org/tau/index.php?qbot.zip Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/link-widget-title/public/css/link (...) Malware
2022-11-18 2 mpatriotestogolais.org/tau/?qbot.zip Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-social-media-icons/css/s (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/elementor/css/post-3234.css?ver=1 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/elementor/css/post-3233.css?ver=1 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor/assets/lib/eicons/css/e (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/tablepress1/css/default.min.css?v (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/elementor/css/global.css?ver=1661 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/elementor/css/post-3304.css?ver=1 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/super-sidebar/public/css/super-si (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor/assets/css/frontend-lit (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor-pro/assets/css/frontend (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/revslider/admin/includes/shortcod (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor/assets/lib/font-awesome (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/um-fon (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/um-fon (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/pickad (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/um-tip (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/um-mod (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/simple (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/um-sty (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/css/um-old (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/themes/Divi-child/style.css?ver=3.0.106.1 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/profile-builder/assets/css/style- (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/link-widget-title/public/js/link- (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/pj-news-ticker/public/js/pj-news- (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-gdpr (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-social-media-icons/image (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ninja-forms/assets/css/jBox.css?v (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/mediaelement/mediaelementplayer-legac (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/contact-form-7/includes/swv/js/in (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-social-media-icons/image (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/email-subscribers/lite/public/js/ (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/codelights-shortcodes-and-widgets (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ninja-forms/assets/css/font-aweso (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ninja-forms/assets/css/display-op (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/revslider/public/assets/js/rs6.mi (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-social-media-icons/js/sh (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/themes/Divi/js/smoothscroll.js?ver=4.19.1 Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-social-media-icons/js/cu (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-social-media-icons/js/sh (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/the-events-calendar/common/src/re (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/the-events-calendar/common/src/re (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/underscore.min.js?ver=1.13.4 Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/wp-util.min.js?ver=6.1.1 Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-crop (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/super-sidebar/public/js/jquery.su (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.1 Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/pickada (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/dist/vendor/regenerator-runtime.min.j (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/masonry.min.js?ver=4.2.2 Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/super-sidebar/public/js/velocity. (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-raty (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-file (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-resp (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-func (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-acco (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-prof (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/um-scri (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/js/simpleb (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?v (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/mediaelement/mediaelement-migrate.min (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/add-search-to-menu/public/js/ivor (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/mediaelement/mediaelement-and-player. (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ninja-forms/assets/js/min/front-e (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ninja-forms/assets/js/min/front-e (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor/assets/js/webpack.runti (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor/assets/js/frontend-modu (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor-pro/assets/js/frontend. (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/elementor-pro/assets/js/elements- (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/mediaelement/renderers/vimeo.min.js?v (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/themes/Divi/core/admin/fonts/modules/all/ (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/2018/09/IMG_0160-300x294.jpeg Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/2021/11/WhatsApp-Image-2021-11-23 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-includes/js/mediaelement/mejs-controls.svg Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/plugins/ultimate-member/assets/font/fonta (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/2018/09/bce44668-89b7-45f2-ba48-0 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.1 Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/2018/07/67A368D0-EB80-4837-A3DD-3 (...) Malware
2022-11-18 2 mpatriotestogolais.org/wp-content/uploads/2019/07/VIDEO-2019-07-09-07-50-28 (...) Malware

mnemonic secure dns
Scan Date Severity Indicator Comment
2022-11-18 2 mpatriotestogolais.org Sinkholed

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-18 2 mpatriotestogolais.org Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 69.162.134.162
Date UQ / IDS / BL URL IP
2022-11-18 19:44:47 +0000 0 - 0 - 387 mpatriotestogolais.org/tau/index.php?qbot.zip 69.162.134.162
2022-11-18 04:45:58 +0000 0 - 0 - 18 mpatriotestogolais.org/ 69.162.134.162


Last 5 reports on ASN: BIGSCOOTS
Date UQ / IDS / BL URL IP
2023-01-17 11:16:54 +0000 0 - 0 - 5 nwcleasing.com/ 50.31.65.174
2023-01-15 20:40:33 +0000 0 - 2 - 0 saraquiriconi.com/do-i-eat-junk-food-why-i-pr (...) 69.162.134.22
2023-01-07 20:50:36 +0000 0 - 0 - 13 www.naturalderm.ec/ 50.31.78.11
2022-12-20 14:37:12 +0000 0 - 1 - 0 inwithskin.com/fit-healthy-successful 69.162.134.9
2022-12-19 17:11:09 +0000 0 - 0 - 0 davescomputertips.com/how-safe-is-your-browser/ 67.202.70.109


Last 2 reports on domain: mpatriotestogolais.org
Date UQ / IDS / BL URL IP
2022-11-18 19:44:47 +0000 0 - 0 - 387 mpatriotestogolais.org/tau/index.php?qbot.zip 69.162.134.162
2022-11-18 04:45:58 +0000 0 - 0 - 18 mpatriotestogolais.org/ 69.162.134.162


No other reports with similar screenshot

JavaScript

Executed Scripts (107)

Executed Evals (0)

Executed Writes (1)
#1 JavaScript::Write (size: 382) - SHA256: ed5190be636529fe44951890e8fa47120431aae198c2f6684fd65620546c2fff
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF8">
<link rel="stylesheet" type="text/css" href="https://translate.googleapis.com/translate_static/css/translateelement.css">
</head>
<body scroll="no" style="margin:0px;overflow:hidden" dir="ltr" marginHeight=0 marginWidth=0 leftMargin=0 topMargin=0 border=0><div id=":1.menuBody" class="goog-te-menu"></div></body>


HTTP Transactions (204)


Request Response
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2414
Expires: Fri, 18 Nov 2022 20:24:49 GMT
Date: Fri, 18 Nov 2022 19:44:35 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1313
Cache-Control: max-age=140905
Date: Fri, 18 Nov 2022 19:44:35 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 10:53:00 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 18:44:49 GMT
cache-control: public,max-age=3600
age: 3586
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7934
Expires: Fri, 18 Nov 2022 21:56:49 GMT
Date: Fri, 18 Nov 2022 19:44:35 GMT
Connection: keep-alive

                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: oc1rt3f2fIxUBpDmcf1Xyq3Pnw6Wexnu35Gy+SwrwPWzVu5pGDKHLb6Gxl2ZEFTIDVCub22ripQ=
x-amz-request-id: ERW7DV4EY11ED389
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 19:15:43 GMT
age: 1732
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 18 Nov 2022 19:44:35 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 18:44:49 GMT
cache-control: public,max-age=3600
age: 3586
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4041
Cache-Control: 'max-age=158059'
Date: Fri, 18 Nov 2022 19:44:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:37:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tau/index.php?qbot.zip HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         69.162.134.162
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://mpatriotestogolais.org/tau/?qbot.zip
content-length: 157
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 19:44:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   157
Md5:    d81a30e8b94539501927cdc30647360b
Sha1:   56fec9cfb9056557bb93cb6db87fc476c2d4ff77
Sha256: 77460614f7360fc01aefda429ef85bcb065f43e36f18ec4a1d16c8be7bc67a34

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nzPRUFo9u+A70mnsqhTkIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.148.17.90
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lB0X1rJEvmfJnf5SzE6u8HxOews=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 19:44:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 19:44:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 19:44:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Fri, 18 Nov 2022 21:38:03 GMT
Date: Fri, 18 Nov 2022 19:44:37 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5955
x-amzn-requestid: fe915fbe-b1dc-4fbd-8a10-1cb46e08f56c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqPjHloIAMFidw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755730-16deb73f48305b0139b1d9bd;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: z5S-G5i9-jfmyOFjA9XYxOt97mvYwjuTMsPv01Hw_N0fbOO2mvQz3A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:39:42 GMT
age: 79495
etag: "9404b0071027ac7ec0055a9edfbd607e3a8ae501"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5955
Md5:    30ad43f65949e7e22e73292e3d684f3d
Sha1:   9404b0071027ac7ec0055a9edfbd607e3a8ae501
Sha256: b97961cbd2245f9927c1c0406451449d28cca24c98c534cace78321ac62eeeb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:20:30 GMT
age: 44647
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11667
Md5:    032386e5c9dffff1ba1ee5e8a322d438
Sha1:   dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:12 GMT
age: 76825
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7631
Md5:    b2b393e36ee2c9649d90db136aa49542
Sha1:   e88c5832ff0c49bab181d948c3a510d88343bb6f
Sha256: 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RQqPegf6sdVW0qmrGnUo6EORLuT7BRikwhtF08LAxWNCpLGwGZnG8Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:03 GMT
age: 79834
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6344
Md5:    a9d32fa3866dd741de610a61a93ad893
Sha1:   4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
Sha256: 4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:54 GMT
age: 77743
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3759
Md5:    5d0b6106f00f9fd8b89c2d484a559a1a
Sha1:   399ac393209dcdac7d2188d7aa8d95f04570ef7c
Sha256: 5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xbau-BXu_W5Hu8QaCg3tvwfYMb_8L8F_muNp4gVukeNTmiDW4BAXhA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:03 GMT
age: 76834
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10281
Md5:    35da1192dcadc6e329a9e60c16904301
Sha1:   90a146aef85765630a5e09e46a0a8682e204bec1
Sha256: 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
                                        
                                            GET /ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=6.1.1 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpatriotestogolais.org
Connection: keep-alive
Referer: https://mpatriotestogolais.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 18 Nov 2022 19:44:37 GMT
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4376343
expires: Wed, 08 Nov 2023 19:44:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St%2F9%2BE8A5omZStjMkqsD2KCrRbWipki01LlYdRqx5WzP%2F45Kwhjd26JM5yEAhTAFG2buFriEf9G53yNGQVWO6Ukb29rN2PYMoGygLMkLUfVajopTYE7261GgTzTrGehnJo8PWUwt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76c333ac3b7bfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59119)
Size:   10462
Md5:    14e1692fd4263ccfea0b84299bdbf1f5
Sha1:   7783020a9ced5f32c8d38205357c7d10798be1fd
Sha256: 8ff0cd2d1e7f0b6203a762fb9811256d4445a3ad0d97f07102e038ba0eb3db72
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 15 Nov 2022 23:43:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/buttonizer-multifunctional-button/assets/legacy/frontend.css?v=531d09ab379f2b486866f03fec6c12cd&ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 14 Nov 2022 11:44:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7116)
Size:   934
Md5:    51f6b077a53c67c61080d5ef84004326
Sha1:   d0377af4e71fe6ca0d36dd413c5f1ba878957e6d
Sha256: 92a8d89590251e5e7ecff2987e57045e43cf27ac27cebfa889e1e2bb1d088113

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 19 Oct 2022 11:45:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   848
Md5:    c962ba8e7d42ff9da18392b41dad5151
Sha1:   7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
Sha256: 322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/link-widget-title/public/css/link-widget-title-public.css?ver=1.0.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 14 Nov 2022 23:48:41 GMT
accept-ranges: bytes
content-length: 98
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   98
Md5:    e6094661d8923e95b233019ebff7c8f0
Sha1:   cfd836d385d475baffee45d85cfeb9bb36e70d9e
Sha256: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/document-gallery/assets/css/style.min.css?ver=4.4.3 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 19 Jun 2018 22:44:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 247
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1079), with no line terminators
Size:   247
Md5:    f0452297fce3e4f4a622e09b32fb7fff
Sha1:   b93f8150cac9c0dd788eeb6f0bc7168c4a811144
Sha256: 44cc23c966b57badda9fcd1bf2f2aff2ec69c60abc1644fd3707189d8ec47db4

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /tau/?qbot.zip HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         69.162.134.162
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://mpatriotestogolais.org/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://mpatriotestogolais.org/wp-json/tribe/events/v1/
x-tec-api-origin: https://mpatriotestogolais.org
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26348), with CRLF, LF line terminators
Size:   35224
Md5:    e9a4128a7d9c56260432be7a09e1261a
Sha1:   5fbf63b4a4b04148d3ae2ad353caedad6c295a04
Sha256: 45c321cf73bb0ce58eb65b9e40881e4636ebbd241267b21f062bab8ddea17269

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/pj-news-ticker/public/css/pj-news-ticker.css?ver=1.9.5 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 20 Jul 2021 23:46:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 174
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   174
Md5:    3b13a56062f347cd2dbab7625179bb9f
Sha1:   dcb1b1c3a5f09836428901d16edbedcd7237584b
Sha256: 187d6bd9471f17e31e6e3b2c6c3dec64592714d379a1f0bca8121c04ae072c63

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/t4b-news-ticker/assets/css/t4bnewsticker.css?v=1.2.6&ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 15 Aug 2022 23:47:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 544
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   544
Md5:    82a4e3910c9b5e149a23723819d3fc85
Sha1:   0e66cdf06dfe7b74079265aee010c7ca53e62947
Sha256: e7f2541b34f69f405670a2699d73c7c1919f342fd7802a6c9105a0c9b49b86aa

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.8 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 05 Oct 2022 11:43:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12300
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12300
Md5:    8984613f53a109cc01f6894ec1a4e934
Sha1:   629668fa02d3618bb28143538d2702213ad4f39b
Sha256: f12987808aca5600c5f572bacfdc190cd554ed9655c18a8bfe5ee528a099e8a8

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.4.10 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Fri, 04 Nov 2022 11:53:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1503
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6811), with no line terminators
Size:   1503
Md5:    6b02501929ae5325081692b96875c0de
Sha1:   b0ff9cc3b3fc6b7a7217c6f41da308a02a886aff
Sha256: b13e2838d2541e0e840d05e3de75fd47e31305cf1326294f3363d1927095ee9b

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-3234.css?ver=1661054409 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sun, 21 Aug 2022 04:00:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 238
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (623), with no line terminators
Size:   238
Md5:    4ff8a590dfb488967b3767ae3d15c2de
Sha1:   498682759d47b1b8de698c74ba9bb457b2dccebb
Sha256: f3962e768f3d048bed8bbda33a16c88f4f1858896d7e273ea695596639bfb843

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-3233.css?ver=1661054409 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sun, 21 Aug 2022 04:00:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 308
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1120), with no line terminators
Size:   308
Md5:    ebe80804ca40f1b80431a6c5bc9cbf4d
Sha1:   a3e1cffd7c1cdf58a0e96ae6d1edda28a1d2219c
Sha256: 12ef5cfd0fe1848e3da68334b08a4db4ce0193184cbd1ea5450af619fa8742ff

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 14 Nov 2022 00:37:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19233)
Size:   3629
Md5:    af3bdf44d09914e8adb51fec560d8816
Sha1:   84bb225e096bab405868dd504e62133ba75cf1c1
Sha256: 4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/tablepress1/css/default.min.css?ver=1.14 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Thu, 24 Mar 2022 00:10:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2016
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5092), with no line terminators
Size:   2016
Md5:    f13e1637411c99de7b2ffd9f9a0d4556
Sha1:   f7b837efa8147941b89a06978a3a918c1feb90a2
Sha256: 19891fc9eeecce9fef6583a72ccb9f3bc2d213a67b9bc4ae481b69d2e4206ec3

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/global.css?ver=1661054409 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sun, 21 Aug 2022 04:00:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2617
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14578)
Size:   2617
Md5:    f66906a0267db13e89becb419c6bce44
Sha1:   18bc868c72fd4b9cdab3bc6b93b0456429329ade
Sha256: 8d8be8163f8dc33bd65b9ca99a675726f6c29a6e1aee23aa93e653e7dc236b76

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-3304.css?ver=1661054409 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sun, 21 Aug 2022 04:00:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 597
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3584), with no line terminators
Size:   597
Md5:    f59b5daa62d2455c654ff4fccee411b4
Sha1:   0cb03c84a990dac5b9de69c466309bdff9b7578a
Sha256: 9e6c1150ebe0453b2484c1274633bbcdca88036943d36a7f8272c41b307627fd

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/super-sidebar/public/css/super-sidebar.css?ver=1.2.0 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 22 Nov 2021 07:07:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2092
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2092
Md5:    f8ace6a0d0aa15787c838afbf95e52c2
Sha1:   0fad3796e2b47cd0e5d7071d449fe3628b802be1
Sha256: 2b23eb831368a00e25701c405158d70057d6b21ac75d660ff237e7de523012f8

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 14 Nov 2022 00:37:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12400
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   12400
Md5:    eae4534b9e0b15aaf7ad9f3111688549
Sha1:   4bde4256711207e4a95c1376f0b453cd660a63d8
Sha256: b9adb98eaf24ecee30ef9b280527781e217f6e3829b8e22e5a42f7f14819cfec

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.2 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sun, 21 Aug 2022 03:59:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13297
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65493)
Size:   13297
Md5:    f66f5151257f1fb1b0c4ed50bcc17f15
Sha1:   b2eef8c46a2d6eb070f279c293032f5ac98e9b8f
Sha256: 5fadaacea9b809b14c813eaf4f0822c36babbfa56afe05b2b5fa9a89ea09bba9

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/et-cache/notfound/et-divi-dynamic.css?ver=1668728623 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Thu, 17 Nov 2022 23:43:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10670
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14525)
Size:   10670
Md5:    b6bac6a2409584b40a81f30d2c3a1526
Sha1:   c7f9f664e3d03f84983d555a211357fc98cd9579
Sha256: 45faa656f208c07368726427da919d62d90322c5dcab860e31cc42a1070d2118

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/revslider/admin/includes/shortcode_generator/divi/styles/style.min.css?ver=1.0.0 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sat, 27 Nov 2021 10:42:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5854
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8657), with no line terminators
Size:   5854
Md5:    ae1ef24e069135f3ccecfae45dcf5cfd
Sha1:   290b9e6ada0b451a35cc74746e1eef5ef1889690
Sha256: 68d53639beaa182d73cb0d912360dd8e2a09d36b30f13b62c420ab2333fde58a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 14 Nov 2022 00:37:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6657
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6657
Md5:    5dbbe85d6a3308dceb97d91b740b0f11
Sha1:   3f70abf9963371962665167f98ba52365481496d
Sha256: 751d4fdd16bd33cc9c93bcaadcd316922ca9bbd74cb6a9e1705c8bef4330dabf

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2054
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   2054
Md5:    aad0409caf2c359db4fc1555fe59ff5a
Sha1:   a5efa4f11035b429b6eca51427bb131760693581
Sha256: 180c37b1cc4a56bc75a95a0b45c69ef519fa154c09a0e318ecc18c826131f4a0

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1803
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14965), with CRLF line terminators
Size:   1803
Md5:    c9da0e6818828d918ef7d42993ef6501
Sha1:   4ac08597900c753123fb1c1151778943e826cddf
Sha256: c3afa49ca8da1537454dc998cdbe766922a6b593162631676fcb6196b8e1b717

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 852
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   852
Md5:    3aadde2f376f8fb74594a047c1a60b18
Sha1:   d5a2c55f28b82995bb21b77c6fa1f62683ae6e83
Sha256: 74af900a90d551b3f5224f2c12f339cc206dea551503cf9a465535d06de9dca3

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 629
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   629
Md5:    1e361523ad4b41d7e46f33ba1a9d9270
Sha1:   cea819034c7fac15c797679659caf43414dec15d
Sha256: bad108f56182b00a25eccffe5eb7a8ee7d4e3ec87fe8b986d3e5f3ea84609722

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4419
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4419
Md5:    203c79ef105517f21436e6c5f7866081
Sha1:   d4a48b9fc97464db54948ad59466931ae2c9aaad
Sha256: ba5355df2bab7fb5e09da06d449faff5e9badf0be16b1abf762cd28636087e4e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5029
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5029
Md5:    090d56ca1e6016ae6aee2b71b0788bfd
Sha1:   c6d574b79fa48ce3430f17d62a125022919998da
Sha256: 7b763cb5cb16fd9d5f0b2dc2e9e4a7c1bd672a99207ceb4e57e9aeeeb937460b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1026
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1026
Md5:    59170963d5c0fc2595c971d273cf559a
Sha1:   72e21d9638be0fd6f8fc283a6e6401053cf0a78e
Sha256: 0b3ec88062ab089f6e8762f99bd50a4cafc68f2eb6cb54d716cf5954ef6b2384

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1076
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators
Size:   1076
Md5:    e309ba900abdea5b5fc45223470bd84c
Sha1:   4d38239f1f48f74a6e3ec72419d9664ceea2b0a5
Sha256: d1e01da55942a1c4123cdf629ddf11486f95f6e4606af6d7b2b01a8c82612cbd

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 647
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with CRLF line terminators
Size:   647
Md5:    48b46fc5a9e8c31f80f66bf87ce8ebc8
Sha1:   a392fc2c33390664e9c3dea2630073833f1c1b4c
Sha256: 02aff32edf425ffcfad74edf6a587c15405068914e7e51270da7c51deda5fa2d

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 441
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   441
Md5:    791eca9a148a8f82e13800b1c02d52f4
Sha1:   16a8f131f5d1e440659147eb2c9893fe16180bb3
Sha256: cf136ed55674379e0133bf59e3ec619d708c62885020a72f6c8e547d9f52b6a7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1146
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with CRLF line terminators
Size:   1146
Md5:    83f4496e7d110ac4e5466e5f99fce7b5
Sha1:   06b22a073da2fafbb762eeb178aff35c277cc9ec
Sha256: a71d20a114f5ff570d20fbc240575ee63dd0a81827385eaa4c376119a93df415

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 830
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   830
Md5:    517e9cc44d07574418a28e2dbcc473be
Sha1:   c510b5bd27e5a93ce59f882c23c0d980fe143a1a
Sha256: ac46e08f17effd7f5a8c9733997bad1c4679ad7d162b1edcbfde80803552c18c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 392
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   392
Md5:    e1a97213e08ca891317558a436e1da5b
Sha1:   e5caa66afaa2b78243f61c31784e8b554b836784
Sha256: 4570184add307c3a72d939b5916141e7c61b4afbab09adde5f6568837c7557a9

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 890
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   890
Md5:    8f0c68bda57a989276038a5deabaf8a2
Sha1:   82170e2d3eab88d61ab154f15921cb6bc94f1385
Sha256: e468f2b5edfce1653504858f4b4310f29ec7dee8ea006cfac79f31cc9e72c65d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 845
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with CRLF line terminators
Size:   845
Md5:    e6d3e381cb1cad09ca0d9991d7a4d9bc
Sha1:   4b66ac9eefff20b0140378a4d37b4d89a46967d4
Sha256: 71b8a9157a561f3d81480d82ae31abdffb9a69da97e647323b8463ba0208e128

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1708
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1708
Md5:    16a2dfd1e000e877e8391ba1d9356bdd
Sha1:   201759f2021b25758ec1af2f0749ecc27cdd6e26
Sha256: b4a5fe9a1635a9b423bf14991bc76f2e260adc2512b9bfa61c6097c75c8e0672

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4141
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with CRLF line terminators
Size:   4141
Md5:    861f41bc607eb64d1c29df9665e67485
Sha1:   4fc019fac2efe27b532c8b8e55e9f4bc6321dcf2
Sha256: a88c73480edb4bfa02d63ecdedcc84053c6035bc8a31caa9eaa1f420f819e07b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1089
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  CSV text\012- troff or preprocessor input, ASCII text, with CRLF line terminators
Size:   1089
Md5:    5df94c75874c13cb4479b27130d9bf33
Sha1:   557c1319d7dc501d6faf2050092a371fd6087033
Sha256: 4b2a1611edc81173f5169b05e3da8737c722df2061dae1a393bd90ad639e37ef

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/Divi-child/style.css?ver=3.0.106.1520814785 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 12 Mar 2018 00:33:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 311
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   311
Md5:    28d1a8b4bcc2a031be4122fa0c2e071d
Sha1:   37cd892ea35f5a6cfc6b5672a79d0d185d433b34
Sha256: 9d0d966d0c3afee0c4111328fd97fa306ff28736298bd0a935c7cb481ecd9531

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/profile-builder/assets/css/style-front-end.css?ver=3.8.5 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 16 Nov 2022 11:42:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4985
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4985
Md5:    544bfc3cf69fe7c5655076b7b82799c8
Sha1:   f5a3085b310b089e2266a9105d5df4d45d36b776
Sha256: c90fc66a113dc1ec41fa88826bf99aaab3556aef1a7821a41bc9981ba8366ea5

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1397
Cache-Control: 'max-age=158059'
Date: Fri, 18 Nov 2022 19:44:38 GMT
Last-Modified: Fri, 18 Nov 2022 19:21:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 20 Sep 2022 00:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 18 Nov 2020 20:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 19:44:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/link-widget-title/public/js/link-widget-title-public.js?ver=1.0.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 14 Nov 2022 23:48:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 412
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   412
Md5:    e92d50e4ea8815af34e820ce2690e56e
Sha1:   83366b2b3d854db08b7eeb50b953f89978ad6410
Sha256: 887aee3fb3d8faf634a6b3f09f93447a4c87b7fb4d83b8679effbcab7bf5292a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/pj-news-ticker/public/js/pj-news-ticker.js?ver=1.9.5 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 20 Jul 2021 23:46:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 824
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   824
Md5:    94cc40bb719b74fe52d18ea4a41f8bab
Sha1:   bf86a56415480bdf82666281ff7666249316de59
Sha256: b686fb0226f28f76da09d99ade65eddc98a811b5b435002c8fc580c1019ffee1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/t4b-news-ticker/assets/js/jquery.liscroll.js?ver=1.2.6 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 15 Aug 2022 23:47:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 891
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   891
Md5:    310d43c3a61890b820db6db07122b3af
Sha1:   ce944ca175adc6fa107e5c1a41047854d3be33ea
Sha256: 4c379cdc2c9ce22692e3c251d11042b65e34eb3fae6e3d6fd088091ecfdde257

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 26 Oct 2022 23:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 215
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (416), with no line terminators
Size:   215
Md5:    bbb9b4be30807537255354f94184bc12
Sha1:   2ba76090666187efa7fcb810052596b68dc80c37
Sha256: d437288b21943587e23e9ae0404e4934e5a4473dc87594b0544f069f704bf555

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 19:44:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 19:44:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1668728623 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Thu, 17 Nov 2022 23:43:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2505
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9834), with no line terminators
Size:   2505
Md5:    7d84a6e465b3766401f9f5caef73d297
Sha1:   91dfbc26a2965de9d7cc7b2e43f3fcde0eb395bc
Sha256: 8c4c6e2e65faf3a60a0748ff99baeb36e42c1f3f242794566f0c0a47d20f2dd2

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/11/logo-150x150-white-version.png HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sun, 21 Nov 2021 10:52:51 GMT
accept-ranges: bytes
content-length: 69179
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 289, 8-bit/color RGBA, non-interlaced\012- data
Size:   69179
Md5:    2574d1432722b75cc24327a5eb5587ec
Sha1:   f1d293327d4a22d2c1738d004a56e8b8c98382aa
Sha256: dd583c1de38bc0278f813dfb28a639fbbe40ad102d750debd2c3de24ee73af1f

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/email-subscribers/lite/public/images/spinner.gif HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Fri, 18 Nov 2022 11:45:34 GMT
accept-ranges: bytes
content-length: 3208
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 32 x 32\012- data
Size:   3208
Md5:    80cd1b1264ba5e75e17297cfae6dedb6
Sha1:   a8b2cba86918ac7aae92e04746d7dbc349554cb2
Sha256: 7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 05 Oct 2022 11:43:14 GMT
accept-ranges: bytes
content-length: 1357
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size:   1357
Md5:    fd252856427200b657dbc55dddbd1217
Sha1:   af4029bf1ab66c8211b37fe27f7e0e3bfa588f41
Sha256: 0dce5940cfbb1995ffa0933df7bdd96af2b9bfff5f4ae12dc1641ad0ce920019

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 05 Oct 2022 11:43:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1778
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1245)
Size:   1778
Md5:    6c3ab9b03c9e080606092fa45259efc1
Sha1:   8a214c8b719bf8d59d58deeca24f7560338251be
Sha256: d46d1c496f534efa729616623bb581c55f511cd81da834f1b20b66dd9f3b3fb8

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 05 Oct 2022 11:43:14 GMT
accept-ranges: bytes
content-length: 1529
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size:   1529
Md5:    b4699c9022529206d2a3f5674a8c6f7d
Sha1:   9949e3326520912ca0d7bd6582b1d655d98bb1fd
Sha256: 6b598958eccff91e50b3f1d35a8193f70e72c2b327abb8fc46b17c46c483cce9

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sat, 08 Jun 2019 07:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4186), with no line terminators
Size:   982
Md5:    24f4d7f425e792ab35adaab50816e54a
Sha1:   9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
Sha256: 1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ninja-forms/assets/css/jBox.css?ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 05 Sep 2022 23:53:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3172
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (499)
Size:   3172
Md5:    f7efc11077dcdb162e14433d9f85c287
Sha1:   0917455b5a921c63fd57c18c1210815f08411fdf
Sha256: 5ef04d5b80296e34ab81e3174b4febd0bc7303d99db7489662f504b8522c17cd

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 30 Sep 2020 02:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11256), with no line terminators
Size:   2394
Md5:    ce94f62588d05264ac0148712111cb11
Sha1:   518bcd922f54169aeb199c0ccbc5877165ac218e
Sha256: 84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 19 Oct 2022 11:45:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   3706
Md5:    dc6411bfa6891b75944f0074c945752d
Sha1:   03c1a8b686c287068c61ab90f58d905496d65085
Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/document-gallery/assets/js/gallery.min.js?ver=4.4.3 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 19 Jun 2018 22:44:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1334
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (524)
Size:   1334
Md5:    ae494bab4e0cbb90f1728bbe84f35d0a
Sha1:   7b753716cb2f217bc138008a0396576658eafcb0
Sha256: 2b3517c26fea8fb4c0e75ab52766ccaeeda9c4b5c3dce3e467963564cd902a8a

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/codelights-shortcodes-and-widgets/css/cl-popup.css?ver=1.4 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 11 Feb 2019 00:13:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1222
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1222
Md5:    524fad255a88ef57804494778b0e8fdc
Sha1:   00077442d279ec307144e3363430d52263b138e7
Sha256: aaf823b11499d1040b2130e53b1ecbb966e172eed1c28e50b3f3b30801c5f064

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 19 Oct 2022 11:45:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   2817
Md5:    4317b1c024df372435f6482deadddeb3
Sha1:   5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
Sha256: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 05 Oct 2022 11:43:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1445
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1559)
Size:   1445
Md5:    4ebc8c243b241c4b46ad0f73067492eb
Sha1:   0127c67d82ca48dd9968d68ae67884685c9d378f
Sha256: 03c71470d61c1291ed14b8ae4742f6bb97a78a2e61a5f2b509b565f1febc23c2

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.5.0 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Fri, 18 Nov 2022 11:45:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1435
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1435
Md5:    f48271a181616577063d4aefbde63b7e
Sha1:   3603c6e1da9a0806c09ed9238386d38ed8fcf170
Sha256: 60db47858633a89f6097b9498a1f92068634d371ce8368f241ebe4fdc3ec020c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_youtube.png HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Wed, 05 Oct 2022 11:43:14 GMT
accept-ranges: bytes
content-length: 3138
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   3138
Md5:    6eb8a223dab62b511100cd3ce154045c
Sha1:   6131cb215e22ff63bdb3418d78e01a4bb4a6a1be
Sha256: 271f9e7d9503571e0063b2184d49d0935574b5316a7f579f2b9066fadec16bf5

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/codelights-shortcodes-and-widgets/css/cl-core.css?ver=1.4 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 11 Feb 2019 00:13:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1077
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1077
Md5:    2ac67bc56941e1105b75d0c5f1ba8ed1
Sha1:   37d50822996dccc6ba4eff3fd5fd9f4f30d9cf52
Sha256: 3824427b66afdd5136f9b9e6f437dff966e9d789ea39d6d7f1b8b6752d79e9e9

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 05 Sep 2022 23:53:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5878
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27303)
Size:   5878
Md5:    7f91c596474be2ddbf15257459ba8740
Sha1:   83ec6a757f917013c91cb74dedda311764c324a0
Sha256: c3331deb1b613d0994eb7841bb8019df2f81bbf6a0f51da9d5881f36cd5409f8

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 05 Sep 2022 23:53:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6197
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (44588)
Size:   6197
Md5:    fec18b40ef80feb568122bcbc49d7f07
Sha1:   3e12b8205b9a8efd0906ee4c3bc59c51dfad2ad7
Sha256: e5e3f998d1608c93cace582df71e8ed519bbc501aef241c0f7a4f64e7d60694b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sat, 27 Nov 2021 10:42:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11758
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12602)
Size:   11758
Md5:    7d1694c1ffa2002c380123f7b2a10999
Sha1:   9a739260c33fa947ce26c045ad74810e35ae4125
Sha256: 167a0baefbb0e0cc23898b89754857039300983548b1cad1cb31ac710cab6cda

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Thu, 04 Mar 2021 08:46:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58981)
Size:   35110
Md5:    54c5bfb8a890d87139d9abfe01662c83
Sha1:   f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
Sha256: 9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/buttonizer-multifunctional-button/assets/legacy/frontend.min.js?v=531d09ab379f2b486866f03fec6c12cd&ver=6.1.1 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Mon, 14 Nov 2022 11:44:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 65846
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64398)
Size:   65846
Md5:    35f7f1e7a89e3a9bbdc62cf032b25c90
Sha1:   1126b72ed992de1a7fdd3635a9c25d9f008c5834
Sha256: 0573c72b94a1aaef4897c45329d2e56996a26e9438755b236c0df8938f854e7e

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9 HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Sat, 27 Nov 2021 10:42:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 95388
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64288)
Size:   95388
Md5:    7b28f509b0ff1087b242dca3dc019a63
Sha1:   76e3edba18c657ec02d6fe9f9c049965ac1767d9
Sha256: 1572c2029035b15c0b114ecb6e48b1b7442b09942f694c4c289fe5e2f0e28445

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/10/IMG_9317-300x300.jpg HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 05 Oct 2021 01:55:22 GMT
accept-ranges: bytes
content-length: 18592
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size:   18592
Md5:    d146e1f3d67be719d51d52d34e7a09f2
Sha1:   5c66c3367185d435b627f6471f991ad2662dc698
Sha256: 314e3c7347ef498ededcd21023662f4ffa30b0c1a7894e49b8d67e531f407e41

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/10/IMG_9318-300x300.jpg HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         69.162.134.162
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 19:44:37 GMT
last-modified: Tue, 05 Oct 2021 01:55:24 GMT
accept-ranges: bytes
content-length: 18316
date: Fri, 18 Nov 2022 19:44:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size:   18316
Md5:    6c13ac23d4374609f2a44c365b3d3564
Sha1:   56f9f4d1e7e111b5a67caacbadc7e23d7e5fa06c
Sha256: 8652c07f0392c4eb739446037ad4e05437eb3257c6c8bd0652a0396d455d504d

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/10/IMG_9319-300x300.jpg HTTP/1.1 
Host: mpatriotestogolais.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpatriotestogolais.org/tau/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
